CYBER RISK IS AN ENTERPRISE RISK
The 2016 Verizon DBIR study concludes that in 93% of data breaches, the targeted systems were compromised within minutes; 83% of the time those breaches were not discovered for weeks, leaving the attackers with plenty of time to do their damage and remove data. The 2016 Ponemon Cost of Data Breach Study states the average consolidated total cost of a data breach in 2016 was $7million, and the average cost incurred for each lost or stolen sensitive data record was $221.
MANAGEMENTS CYBER RISK RESPONSIBILITIES
Because cyber risk is a top concern for boards and audit committees, management needs to be prepared to discuss how they are actively managing cyber risk as an enterprise-wide risk. Many of these discussions begin with some typical questions that are asked:
What is our cyber risk?
Are we prepared to manage our cyber risk moving forward?
While these are high level questions, being prepared to answer these questions is not only foundational for effective risk management, it is also critical to gaining the confidence of the board and being prepared to address their concerns. Board and audit committee discussions will also focus on other key areas, including:
Cyber Risk Management Framework
Risk Management Decisions
Third Party Risk
Simulations / "Table Top" Exercises
Our professionals have extensive experience helping organizations understand and manage their cyber risk. We know how to deliver cybersecurity services to different stakeholders who hold varying roles within an organization.
From a technical perspective, our professionals can assess current cyber risks, advise on cybersecurity architecture and operations, improve organizational resilience, and help achieve costeffective compliance with security standards and regulations.
From a management perspective, we can help develop a cyber risk management strategy that is aligned with organizational considerations, and supports cyber risk discussions with the Board and Audit Committee.
We have the expertise to assist you in the areas of:
Cyber Risk Program & Strategy
Cyber Risk Assessments
Cyber Architecture and Operations
Security Compliance Advisory