Apac
  • Home
  • News
  • CXO Insights
  • CIO Speaks
  • Whitepapers
  • Partner Conferences
  • Subscribe
  • About us
Apac

  • Agile

    Artificial Intelligence

    Augmented Reality

    Big Data

    Blockchain

    Business Intelligence

    Business Process Management

    CEM

    Cloud

    Collaboration

    CRM

    Cyber Security

    Data Center

    Digital Technology

    Disaster Recovery

    Document Management Systems

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Security

    ERP

    Gamification

    Geographical Information System

    HR Technology

    Internet of Things

    IT Services

    Mobility

    Networking

    Open Source

    PLM

    POS

    Project Management

    QA and Testing

    Risk Management

    SaaS Solutions

    Security

    Simulation

    Smart City

    Sports

    Startup

    Storage

    Unified Communication

    Virtualization

    Workflow

  • Automotive

    Aviation and Aerospace

    Banking

    Compliance

    Construction

    Contact Center

    E-Commerce

    Education

    Energy

    Engineering

    Field Service

    FinTech

    Fleet Management

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Managed Services

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Payments

    Pharma and Life Science

    Procurement

    Retail

    Sales and Marketing

    Telecom

    Travel and Hospitality

    Utilities

  • Amazon

    CISCO

    Corporate Finance

    Google

    HP

    IBM

    Intel

    IT Service Management

    Microsoft

    Oracle

    Red Hat

    Salesforce

    SAP

    VMware

Menu
    • Cyber Security
    • Agile
    • Automotive
    • Business Intelligence
    • Cloud
    • Data Center
    • FinTech
    • Fleet Management
    • Cyber Security
    • Procurement
    • Oracle
    • Healthcare
    • Media and Entertainment
    • Manufacturing
    • Legal
    • Insurance
    • IBM
    • Home
    • Cyber Security

    Questions every Business should consider in a Cyber Security Plan

    By Clement Teo, Principal Analyst, Ovum

    content-image

    Clement Teo, Principal Analyst, Ovum

    Security is top of mind for enterprises today, and increasingly, at their board level. As the digital economy become pervasive, high-profile cyber attacks on large enterprises such as Sony and Bangladesh Bank have demonstrated how damaging a security breach is.

    Ovum estimates that spending on Cyber Security protection this year by businesses will exceed $37bn alone. In Asia Pacific, firms are estimated to shell out $6.8bn in 2016, with related services spend estimated at 5x more.

    A Quick Guide to Assessing Security Readiness

    As cyber security concerns become more prevalent, the key is to secure critical enterprise data based on business priorities. CIOs and CISOs should ask themselves:

    • What do I know about my most Critical Data? A useful approach to data discovery includes knowing the value of your data, knowing who has access to your data, knowing where your data is, knowing who is protecting your data, and knowing how well your data is protected. Enterprises should gather key stakeholders to map out the answers to these questions, and from there, determine which data is critical and must be protected at all costs.
    • Do we have the right people to secure our Critical Data? IT employees may not be security experts, and they are ill-equipped to devise a robust security defence/protection.
    Work with experts to draw up cyber security readiness, response and remediation plans for the organization.
    • Do we have the Right Process to secure our Critical Data? A responsibility assignment matrix (covering who in the organization and third-party partners is responsible/accountable/need to be consulted/need to be informed) is a must in case of a cyber breach? Who’s responsible for fronting the media, for contacting customers, for investigating the breach, for contacting third party suppliers, for contacting legal and so on? Who is accountable and is ensuring that all these processes are correct, thorough and executed flawlessly? Who should be consulted in the event of a breach is? How have recent breaches been managed? Who needs to be informed – who are the stakeholders that you have to keep informed of progress and next steps?
    • Is your Supply Chain Secure? For instance, automotive manufacturers have begun to take the threat of cyber breaches more seriously, and are looking at how their third party parts suppliers are aligning to their security own policies. This is to ensure that the sensors, systems, and other data-linked parts that make up an automobile cannot be easily hacked. Extend this concern into other manufacturing segments (e.g. aircraft supply chain) and the threat dynamic gets alarmingly. Take a closer look at external third party possession of key customer data, and how it is being used.

    Takeaways:

    Enterprises must seek to:

    • Transform the behaviour of all stakeholders. Not all data is equally precious, and enterprises should spend greater focus on prioritizing threats that are relevant to individual business operations and their most critical assets. A cavalier employee or third party attitude to security will render an ironclad plan ineffectual. Organizations must transform internal and external behaviours to tighten their security posture.
    • Transform its security posture. Enterprises must transform from being reactive and tactical to being strategic, preventative, and proactive instead. Consult your managed security service provider about advanced MSS capabilities, such as incident response management and predictive forensics.
    • Defend against attacks with a cyber security ecosystem. Look at the breath of joint partnerships between telcos/SIs and security vendors (such as IBM, HPE and so on) – and understand how these combine to provide security benefits. These should not obfuscate a security agenda that misses the forest for the trees.
    Top 25 Cyber Security Technology Companies 2017

    Top 25 Cyber Security Technology Companies 2017

    Featured Vendors

    I-Sprint Innovations

    Dutch Ng, CEO

    HP

    Richard Bailey, President - Asia Pacific & Japan (APJ)

    Cyber Security Special

    CIO Speaks

    • "Corporate Considerations: Dispelling the Myths of Cyber Security"

      Neil Jarvis, CIO, Fujitsu America, Inc

      Secure Text Messaging in an Academic Medical Center - Experience and Lessons

      Kari Cassel, SVP & CIO, UF Health

      It

      Gilad Raz, CIO, Varonis

      Top 3 Challenges Growing Businesses Face and How the Cloud Can Help

      Ken Shulman, CIO & CTO, Broadview Networks

      Cloud Security Grows Up

      Kevin Winter, VP & CIO, Booz Allen Hamilton

      Seamless Integration into Networking Industry

      Robert Lewis, CIO, Assurant

    • Moving towards an Intelligent, networked and boundary less world

      Rajeev Batra, CIO, MTS India

      Need and Importance of IT in the Shipping Industry

      Anjan Deb, GM-IT (CIO), The Great Eastern Shipping

      At the Crossroads of Sports and Technology

      Jerry Mcglynn, CIO, Specialized Bicycle Components

      Proliferative Innovation via Platform+Agile

      Dr. Steve Hodgkinson, CIO, Department of Health & Human Services in Melbourne, Australia

      Journey to the Cloud - Getting Things Straight

      Alex Konnaris, Group CIO, RMA Group

      Redefining the CIOs role

      David Kennedy, Group CIO, Transaction Services Group

    Copyright © 2018 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy.

    follow on linkedinfollow on twitter
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://cyber-security.apacciooutlook.com/cxoinsights/questions-every-business-should-consider-in-a-cyber-security-plan-nwid-3581.html