- These Sony headphones eased my XM5 envy with all-day comfort and plenty of bass
- I compared a $190 robot vacuum to a $550 one. Here's my buying advice
- I finally found a reliable wireless charger for all of my Google devices - including the Pixel Watch
- 6 ways to turn your IT help desk into a strategic asset
- How to install and use Microsoft's PowerShell on Linux (and why you should)
“If organisations are hacked, they should stay calm and act quickly by instantly activating their incident response plan”
A. The skills challenge is likely going to be key as a result of the rise of disruptive technologies such as Generative AI. They will be a reshaping of the entire global workforce and skills to adequately deal with cybersecurity issues will be in short supply. The other critical challenge that will be faced has to do with regulatory changes as nation-states seek to protect their citizens from cyberattacks. This typically adds to the overall costs of cyber compliance. Lastly, cybercrime will rise especially on digital platforms as people transact virtually.
Q. How are we making security a part of everyone’s job next year?
A. Awareness programs integrated into daily work practices are key as well as including security in employees’ job descriptions. Adding security duties to job responsibilities makes it everyone’s duty to ensure the security of company assets as well as colleagues’ personal safety. Security awareness is also critical as it enables employees to stay alert and report suspicious activities.
Q. What cybersecurity questions should every CEO ask?
A. There are several questions of interest to every CEO. The first one is: Do we have the necessary skills to defend ourselves against cyber-attacks? This is key; if there are no skills efforts should be made to ensure that people are trained, or additional skilled resources are recruited. Cyber skills resident in the organisation should always be higher than the skills of the attackers. The other question is: Are we complying with a plethora of cybersecurity laws, regulations, and standards to reduce incidences of fines and other penalties? This is very crucial for example in the payments industry where failure to comply with requirements such as PCI-DSS could force an organisation out of business. The last question has to do with resources; Are security budgets adequate to cater for the various security solutions required? Cybersecurity is an expensive process, and resources must be available and appropriately budgeted.
Q. From the perspective of a cybersecurity leader, what do you believe is the most valuable asset?