Abstract
The pace of digital transformation and new technology development and the growing sophistication of cyber criminals result in organisations facing greater scope and severity of cybersecurity attacks on a daily basis-estimated to cost between $375 and $575 billion per annum. It is anticipated that as more devices, systems, and infrastructure become interconnected and interdependent, and as more interfaces between customers, suppliers, and partners are leveraged, the IT ‘attack surface’ will continue to expand. Organisations vary in their approaches to attempting to prevent cybersecurity breaches: some are overly restrictive, making even routine business activities difficult, while others are too relaxed with poor oversight and inadequate protocols and procedures, creating unnecessary exposures. However, applying appropriate cybersecurity controls is now a particular necessity where digital leaders often have a higher tolerance and appetite for risk-taking and experimentation to identify key opportunities for the future. Organisations now need to rethink their cybersecurity management approaches, and recognise that traditional access control and perimeter defences alone are no longer sufficient. Rather holistic and proactive approaches that continually evolve and adapt to counter emerging threats and minimise the potential negative consequences of exposure are required. Understanding how effective the organisation is in its cybersecurity efforts is a prerequisite for ensuring controls remain abreast with, and appropriate for, the changing IT threat landscape. This paper presents a cybersecurity conceptual framework that can be used by organisations to provide a holistic analysis of their cybersecurity approaches. It details the key factors or management themes underpinning cybersecurity effectiveness and how the insights gained through assessing performance against these factors or management themes can be practically used to improve cybersecurity effectiveness. © 2019, Curran Associates Inc. All rights reserved.
Original language | English |
---|---|
Title of host publication | European Conference on Information Warfare and Security, ECCWS |
Subtitle of host publication | 18th European Conference on Cyber Warfare and Security, ECCWS 2019 |
Place of Publication | Coimbra |
Pages | 78-86 |
Number of pages | 9 |
Volume | 2019 |
Edition | July |
Publication status | Published (in print/issue) - 2019 |
Event | 18th European Conference on Cyber Warfare and Security - Coimbra Duration: 4 Jul 2019 → 5 Jul 2019 |
Conference
Conference | 18th European Conference on Cyber Warfare and Security |
---|---|
Period | 4/07/19 → 5/07/19 |
Keywords
- Cybersecurity assessment
- Cybersecurity barriers
- Cybersecurity drivers
- Cybersecurity management
- Threats