Last time I introduced the fifth and final principle of the COSO guidance: Information, Communication and Reporting. This time let's dig into the first point of this principle, which is Uses Information and Technology.
As a reminder, the Information, Communication and Reporting principle of the COSO guidance has three points:
- Uses information and technology
- Communicates risk information
- Risk, Culture and Efficiency Reports
As I mentioned last time, organizations use data to make better and faster business decisions. Threats such as ransomware have become common in the last few years and have significantly affected organizations' critical systems and the availability and reliability of their data, and have sometimes even affected physical safety.
Cyber threats such as ransomware not only have internal consequences; if customer data is exposed or revenue-generating services are taken offline, they can also lead to a significant reputational impact or a failure to comply with regulatory requirements. Organizations may also rely on internal information systems for critical financial reporting and decision-making support.
Recovery from any cybersecurity incident of this kind can be extremely expensive; however, since ransomware has become so common, let's focus on some statistics that drive the point home. This may sound like FUD, but it is meant to "prepare the battlefield," so to speak:
- Cybersecurity Ventures predicts that a business will fall victim to a ransomware attack every 11 seconds in 2021.
- Colonial Pipeline just paid $4.4 million to DarkSide. Total recovery costs still need to be determined.
- The 2017 NotPetya ransomware caused about $10 billion in damage worldwide.
- Norsk Hydro was attacked in March 2019, which forced it to return to manual processes. Its damages are approaching the $100 million mark.
These threats can also affect the internal tools used to support the management and reporting of cyber risk, such as governance, risk and compliance (GRC) systems, which track and report on risks using automated workflows. SIEM and SOAR platforms act on the large volumes of data that security tools generate to facilitate alerting, reporting and response to security events. Pay special attention to protecting the integrity of these systems. Otherwise, the cascading effect may leave executive leadership blind to material threats and risks to the organization.
As always, I love your comments and if you want to have a direct conversation, please shoot me a message and we will set up something.
Have a nice week!