5 Questions Risk Managers Should Ask About Cyber Risk
Cyber threats are constantly evolving with increasing intensity and complexity. The ability to achieve company objectives and deliver business functions is increasingly reliant on information systems and the internet. This results in increased cyber risks that can severely disrupt a company’s business functions or operational supply chain, impact its reputation, or compromise sensitive customer data and intellectual property.
Organizations will face a host of cyber threats, some with severe impacts that will require security measures that go beyond compliance. For example, according to a 2011 Ponemon Institute study, the average cost of a compromised record in the U.S. was $194 per record and customer due to a cyber-breach was estimated at $3 million.
The following are five questions a risk manager should ask about their cyber risk:
- How is our company leadership informed about the current level and business impact of cyber risk to our company?
- What's the current level and business impact of cyber risk and what's our plan to address the identified risk?
- How does our cyber security program apply industry standards and best practices?
- How many and what types of cyber incidents do we detect in a normal week and what's our threshold for notifying our company’s leadership?
- How comprehensive is our cyber incident response plan and how often is it tested?
If you’d like more information on this topic, please contact Jay Shelton, Senior Vice President of Risk for Assurance at firstname.lastname@example.org.