Cyber Security Awareness Month 2018

October is known as Cyber Security Awareness Month and in the US it is commonly referred as National Cyber Security Awareness Month (NCSAM). This is a global initiative to raise awareness on emerging Cyber threats and best practices to defend against them, while educating the public and the private sector, on how to tackle cyber security challenges in a fast-evolving digital ecosystem.

‘Security’ is the enabler for evolving and scaling up in a secure manner, while minimising the risk of being affected at an irrecoverable level.

Cyber Security is promoted at an impressive rate during this month, with several awareness campaigns taking place. Typically, these campaigns focus on giving advice around having best-in-class practices when it comes to Cyber Security, sharing thoughts around exposure to unnecessary risk and try to communicate the benefits from having a Cyber Resilience strategy in place, while discussions around defence-in-depth tend to spawn recommendations around different products and services that might help an organisation’s security practice. 

To achieve this, during October several events take place to engage and educate the information security community, while focusing on sharing knowledge, lessons learned, and forward-looking ideas.

One of the articles published for NSCAM is an attempt to discuss the fundamentals on Cyber Risk exposure, presented as a Boardroom Briefing on Cyber Risk exposure, in M&A & deal-flow scenarios (an 'investment metric' for a successful decision-making process)

The best advice for NCSAM is to seize the opportunity to participate, network and most importantly ask questions during this period. 

One of the key messages that needs to be communicated to decision makers, is that:

‘Security’ (Application Security, Information Security, Cyber Security), is the enabler for evolving and scaling up (i.e. a service, a business, an asset, a Digital Ecosystem, etc.) in a secure manner, while minimising the risk of it being affected at an irrecoverable level. 

Consider adding key questions around Cyber Security in the boardroom discussions that need to be answered sooner than later. If you need help in kick-starting the thought process, considerer the following:

• What is the current holistic security posture of the organisation (including outstanding high-risks) and its overall Cyber-risk exposure and, how it is performing against peers.
• At what rate and how quickly evolving threats can be identified and, what is the current state of readiness in responding to different incidents.
• What is considered 'Best Practice' when in comes to defending against Cyber related threats (internally and externally).
• What financial investment is currently needed in order to have in place an actionable Business Continuity Plan (BCP), that in not only well-defined but, it is also robust and mature across all business functions.

These are only a few of the questions that need to be answered at a board level when discussing risks that originate from Cyber threats.

Engage with Cyber Security professionals that understand how, why and, in what way, the challenges in your company's digital ecosystem are unique and, what kind of tailored approach to the problem in required. Seek for advice from a holistic point of view, while the answer does not only meet current requirements/challenges but, it also allows for growth and scaling up in a secure manner.

This article was originally posted here: 
https://www.linkedin.com/pulse/cyber-security-awareness-month-2018-grigorios-fragkos/