Executive Alliance Blog 2019

Cyber Wellness - The Future of Cyber Risk Management

Aug 12, 2019 12:17:23 PM / by David X Martin

Martin_300
 
Digital communication adds additional functionality and control – but also creates new vulnerabilities. For example, consider the possibility of your Easy Pass being used by law enforcement to issue speeding tickets. Or another frightening possibility: instead of a cyber-attack that deletes or releases stolen data, the next wave of attacks will merely change digital data to compromise its integrity so that, you no longer can rely on the data in your own system. 

It is impossible to centrally control every connection with employees and clients – therefore a new approach is required. A company’s cyber security program needs to encompass a cyber-wellness approach in which everyone in the firm is responsible for the risks they undertake. This requires an active process – just like physical wellness programs, in which the company takes an active approach to promoting and maintaining employees’ good health. So too, proactive choices need to be made across multiple dimensions of cyber-defense, response, and governance.  

For example, on cyber defense, consider how predictive weather data enables coastal areas to initiate preventive measures before a tropical storm arrives. Cyber-wellness functions the same way – it means taking proactive defensive measures before an attack. Being proactive means that intelligence and threat assessment data should be used to create active learning scenarios to deepen employee cyber knowledge/training – as well as to provide flashing updates for employees. 

Cybersecurity cannot be guaranteed, but a timely and appropriate reaction can. The first step is knowing when you are under attack.  I will be sharing further insights and thoughts based on my experience on cyber-wellness at the New York Security Leaders Summit on September 12th at the Grand Hyatt Hotel.

 

Topics: Leadership, Security Leaders Summit, cybersecurity, New York Fall 2019, Threats, Risk

David X Martin

David X Martin

Four decades of experience as a financial leader for PwC, AllianceBernstein, Citibank, and others has provided a grounding for balancing the realities of risk with the opportunities of business. Technology pervades all operations today -- how a business runs, how it delivers value and how it succeeds. It also threatens these aspects. That's why I focus on providing counsel to: C-suite leaders who wish to fortify their teams and businesses by minimizing risk and boosting potential. Boards of directors who seek guidance on their oversight and governance of cyber security. Legal firms who require broad and deep expertise for expert witness testimony for high-level litigation involving cyber security breaches, and risk management and valuation issues. My approach comes through in my writing and speaking engagements. My books, ''Risk and the Smart Investor'' and ''The Nature of Risk,'' plus articles for GARP, Institutional Investor, and my website blog convey my philosophy. My recent talks cover a holistic approach to cyber risk governance. I'm pleased to serve as Special Counselor to the Center for Financial Stability on cyber security and emerging risks, and on the Sanctions Subcommittee of the U.S. Department of State's Advisory Committee on International Economy Policy.