Cyber Security - The Business Enabler.

For years and indeed to this day cyber security teachings and almost all certification exams pose the following question: What is the most important element to a successful cyber security function? Answer: Senior Management Support.

Well done for all those that answered correctly!

The challenge for a lot of cyber security professionals was how to gain and maintain that support. In the past organisations would bring in cyber consultants or set up cyber functions based on an audit finding or for legal and regulatory reasons. Was that really seeing the value of good cyber security practises or merely a knee jerk reaction to fulfil a gap someone else identified? In those instances, the moment a critical system needed patching the business would push back and the management support for cyber security crumbled. I’m sure that resonates with lots of our colleagues out there in the cyber security community front line.

Back in the present-day things are changing, its vital we look to leverage the focus and attention that cyber security now has. We need to ensure that organisations don’t just see cyber security as a must have internal control. That’s a good thing in itself, however we need to go further and have cyber security seen for what it is. A major business enabler. From playing its part in Requests for Proposals (RFP’s), providing comfort to potential investors and outcompeting competitors cyber security should be one of an organisation’s biggest strengths and marketed as such.

Senior management should now be asked to consider the following: What if your organisation is seen to have a poor cyber security posture? What would your customers, partners, suppliers and investors think of that? It may be fair to assume they would consider that if cyber security practises are poor then other operational activities may be also. That would be a hard blow for any organisation to recover from and brings me back to the original point. Cyber security is a business enabler. It provides senior management with assurance that cyber risk is being appropriately managed internally and lets the rest of our connected world know that your organisations is at the top of its game in managing cyber risk.

Third Party Cyber Security is a security consultancy that helps organisations improve their own cyber security posture and that of their supplier ecosystems too.