search SEARCH
Apply Now

Effective cybersecurity risk management comes from the top

square icon 4 minutes

Sophisticated cybersecurity threats are devastating businesses at an alarming rate, from multinational enterprises to home-grown small businesses.

Headlines about data theft haunt our newsfeeds and we hear about email spam daily – and that’s just the tip of the iceberg. Cybercrime damages brand reputation, undermines stakeholder confidence and causes financial distress.

New technologies have increased the danger of sophisticated cyber threats. In 2019 alone, organisations have already come under attack in Australia, including Toyota and Federal Parliament. According to IBM, the average cost of cyber breaches globally has escalated to USD$3.86 million.

Experts have continued to blame executives’ blasé attitudes towards cybersecurity for making organisations vulnerable to cyber breaches. Organisations are well-prepared for risks from the physical world, but often take cybersecurity for granted. Employees might shred sensitive paper documents, but at the same time, leave their computer unlocked. Now is the time to prioritise cybersecurity strategy in your business, and leadership must come from the top.

How a cybersecurity crisis management plan can support business growth

Technological advances have been a double-edged sword for businesses. While promising unprecedented opportunities for business growth and success, they present a new avenue of risk from cyber criminals.

When it comes to cybersecurity, reputational risk is often top-of-mind for managers and organisational leadership. But cyberattacks can also prevent employees from completing their day-to-day tasks, affecting core business operations, threatening the bottom line and, given the spate of attacks on health institutions across the globe, might even put lives at risk.

Cybersecurity is an organisational risk that is too far-reaching to be delegated to IT staff alone – it is not an IT problem, but an organisation-wide cultural issue.

Business leaders are still understanding the need to shift towards a cybersecurity focus, despite forecasts from companies such as Enterprise Strategy Group predicting 58 per cent of organisations will increase cybersecurity spending in 2019. Proactive cybersecurity management from business leaders is crucial to respond effectively in a fast-paced, increasingly complex and diverse global environment.

Dr Jason But, Senior Lecturer in the Faculty of Science, Engineering and Technology, Swinburne University of Technology, says it is imperative that organisations have coherent cybersecurity strategies.

“It is essential for modern leaders to understand how to manage cybersecurity and its significance in enabling their organisations to operate effectively within an increasingly complex online environment. It is about understanding the technical issues in order to provide a coherent approach to direction-setting, decision-making and strategic planning to position businesses to be alert and secure in the event of a cyberattack.”

Investing in cybersecurity is investing in the future

The total cost of cybercrime to Australian businesses is estimated to be $3 billion in 2017 alone.

Norton’s SMB Cyber Security Survey found that one in four Australian businesses had been hit by cybercrime, with 516,380 small businesses falling victim. Small to medium enterprises typically pay more than $4,500 to free their data from ransomware, skyrocketing to an average cost of AU$1.9 million for a medium-sized business struck with a cyberattack according to Smart Company.

Dr But says businesses need to recognise that short-term investment will have long-term advantages, such as putting in place a communication policy to mitigate the impact of a cyber breach. Having a member in your team enrol in a cybersecurity management course is essential to your risk management strategy.

“The financial stakes are high. By investing resources to ensure your workforce is aware of cybercrime and its potential impacts, you will future-proof your business and mitigate the crisis if a cybercrime does occur.

“By being proactive now, you are limiting the impact a cybersecurity event could have on your business.”

Fostering a cybersecurity culture

Business leaders are responsible for fostering a cybersecurity culture within their company, including CEOs, mid-level managers and Chief Information Security Officers.

The first step is to reduce knowledge gaps and encourage all team members to be security advocates. Keep your workforce up to date with cybersecurity measures and their role, whether that means understanding how to create and use secure passwords, being aware of fraudulent emails or using safe ways to store sensitive documents.

To achieve cybersecurity readiness you must understand your current processes and have a vision for what they should be. Ask questions like: what are the risks? What are the emerging threats? What are the best practices?

Once you can answer the basics and have obtained insights from your team, you will be on your way to developing a long-term strategy to improve cybersecurity practices.

No organisation with a digital footprint is safe from cybercrime. From large global companies to small businesses, cybersecurity should be front-of-mind for managers. An investment in upskilling now could pay huge dividends in protecting the longevity of your business.

If you want to lead cybersecurity strategy from the top and protect your organisation from digital threats, you can safeguard your business’ future with the Graduate Certificate of Cybersecurity Management with Swinburne Online. Book a call with us to find out more, and start studying this July.