A holistic approach to cyber security, one in which your people, processes, culture and ICT infrastructure is taken into account, will reduce direct and indirect costs (such as fines and litigation), optimise your revenue opportunities (by proving to clients and customers that you are a safe and secure organisation to do business with) and ultimately enhance your business prosecution. A high level of cyber maturity works to safeguard your reputation, attract (and retain) investors and clients and enables you to make the best use of information, knowing that it is valued, timely and relevant.
But what exactly is ‘cyber maturity’? Simply, it is the measure of an organisation’s level of cyber security development, signalling how robust that organisation is in cyber space and the level of knowledge and understanding that the organisation, as a whole, has regarding threats, risks and appropriate behaviours to pursue. Finally, it is about ensuring that such knowledge and understanding is put into practice and supported throughout the business as a whole.
Measuring your level of cyber maturity is therefore about much more than simply assessing your technology. It is also about the governance structures in place, the culture which is fostered around information, how employees are supported through learning and development, the level of cyber situational awareness running throughout the business, and so much more. All businesses have information they need to protect and good cyber security is ultimately about recognising what your most valuable information is, and being confident that it is sufficiently protected and optimised.
It is important for businesses to remember that their most valuable information might be the personal information of customers and employees, as highlighted by Adrian Leppard, Commissioner of the City of London Police:
“Technology might be fanning the flames of fraud, but data is the fuel fraud needs to survive. While individuals focus on shredding old utility bills and protecting their PINs, the reality is that businesses are a far greater source of data, with many holding thousands, even millions, of customers’ details. In today's fight against fraud, businesses are becoming a major battleground” (Source: The Telegraph, 2011).
Commissioner Leppard will join other representatives from government and industry at a Cyber Security Breakfast briefing on the 1st of March 2012 to discuss ways in which organisations are taking steps to mitigate both the internal and external cyber threats. The briefing will address how public and private organisations can work together and engage in practical steps to improve the UK’s Cyber Maturity level, in light of the UK Cyber Security Strategy: Protecting and Promoting the UK in a Digital World.
To find out more about the ‘Cyber Security Breakfast Briefing: From Threat to Solution, please click here.
By Dr. Jessica Barker, Templar Executives