The vital importance of accurate risk management

George Patsis, CEO and founder of Obrela Security Industries

Real-time integrated risk management (IRM) of existing and emerging cyber threats enables companies to defend themselves effectively against the most dangerous incoming attacks and, crucially, to contain any breaches before they can have a significant impact.

Cyber criminals are surreptitious in their methods and do not advertise a breach when it occurs. Often, the target organisation is unaware any breach has occurred until it is too late to avert disaster – in many cases up to 200 days after the initial breach has occurred. Many types of cyber crime, particularly data theft and financial fraud, require that the malware inserted into the corporate network remains dormant for some time while the cyber criminals reap their harvest in cash or customers’ financial and personal details.

Industrial espionage carried out by cyber attack is increasing and the threat actor’s modus operandi is generally to use the initial security breach as a starting point from which to gradually infiltrate the entire system.

Under the European Union’s newly introduced General Data Protection Regulation (GDPR), organisations must be seen to do all they can to safeguard customer data and are obliged to report any significant breach immediately. To what extent the EU will accept inadequate risk management as an excuse for avoidable data loss and late reporting remains to be seen. Insurers are also unwilling to offer cover against the consequences of a cyber attack without a clear risk profile.

Organisations must design their security as a continuous process of awareness, preparedness and readiness, enabling them to accurately assess the danger posed by each threat; risk management has to be the core of any such process and not merely an afterthought. Effective IRM enables organisations to manage cyber risk in order to achieve visibility across their business. It also allows companies to incorporate cyber security into the core of product and service design.

Effective IRM can deliver 3D (three dimensional) information security through the integration of people, process and technology and can greatly improve an organisation’s information security, by controlling and monitoring not only technology-related aspects but also human actor procedures. By bringing these elements together, information security becomes a single system – one that can be measured and monitored holistically.

 

Come and meet Obrela Security Industries at stand N25 at Infosecurity Europe, June 5-7th, Olympia, London.

 

George Patsis – Founder, CEO of Obrela Security Industries.

George Patsis is a highly accomplished expert in information security with a proven track record in developing and implementing large-scale security programs for major Global 500 Corporations. As an Entrepreneur, he holds a passion for identifying market opportunities and building brands. He pioneers and leads the design and development of innovative services and products in the area of cyber security intelligence and risk management.

George Patsis studied Electrical and Electronic Engineering at the University College of London (UCL) and holds an MSc in Information Security Management from the Royal Holloway University of London (RHUL).

*Member of CREST, a not-for-profit accreditation body that represents the technical information security industry and the Athens Club, founded in 1875 and established since then as a social and intellectual center of brilliance.

 
