Large organizations have always focused on managing risk, but the technological breakthroughs that have enhanced our world in countless ways have also transformed how leading executives engage in enterprise risk management (ERM). The pervasive and ever-expanding threat of cyber crime means that comprehensive strategies for cyber security are now absolutely essential for all organizations.

After all, a report by Cybersecurity Ventures estimates that cyber crime across the globe will cost more than $6 trillion annually by 2021.

The sheer magnitude and pervasiveness of the crisis represents a cyber security call to arms, and seemingly no one is immune. By now, the list of data breach victims reads like a who’s who of major corporations, governmental agencies, retailers, restaurant chains, universities, social media sites and more:

• The Department of Homeland Security, IRS, FBI, NSA, DoD
• Macy’s, Saks Fifth Avenue, Lord & Taylor, Bloomingdale’s
• Facebook, Reddit, Yahoo, eBay, LinkedIn
• Panera, Arby’s, Whole Foods, Wendy’s
• Target, CVS, Home Depot, Best Buy
• Delta, British Airways, Orbitz
• Equifax, Citigroup, J.P. Morgan Chase
• The Democratic National Committee
• Adidas, Columbia Sportswear, Under Armour
• UC Berkeley, Penn State, Johns Hopkins

If you need another reason to drop everything and prioritize cyber security risk management in your organization’s overall ERM strategies and systems, consider the recent NotPetya malware attack. Described by Wired as “The Most Devastating Cyberattack in History,” it disrupted global shipping operations for several weeks and caused more than $10 billion in total damages while temporarily crippling such multinational companies as shipping giant Maersk and FedEx’s European subsidiary, TNT Express. All because hackers were able to infiltrate a networked but unsecured server in the Ukraine that was running software that made it more vulnerable to attack.

Despite these and countless other costly incidents and attacks, many organizations have not yet fully incorporated cyber security risks into (Read more...)