We are constantly bombarded with news stories of the latest data breaches and hacker attacks. After a while all these reports begin to sound the same. Company X was hacked and the data breach exposed however many millions of private records. Customers are outraged. Company X is scrambling to repair both the problem and its damaged reputation. Rinse and repeat. It happens so often that many people just tune it out. But this so-called “breach fatigue,” as some experts have termed it, can be dangerous. Cyber-risk complacency can be as catastrophic to an organization as the impact of a natural disaster or major product recall. This is because cyberattacks are evolving. Hackers are no longer accessing forbidden databases simply for their own amusement or for bragging rights in the hacker community. Today’s cybercriminals are sophisticated attackers who know that data equals profit, and they are willing to go to great lengths to get what they want. This turns all organizations-from government entities to private corporations to nonprofits-into targets. Therefore, it is important that risk managers of all stripes understand not only the scope of the threat and the possible costs at stake but how they can mitigate it, whether that is through technology, internal security strategies or insurance solutions.
The following articles are intended to provide you with the necessary background on these issues so that you can advance the cybersecurity discussion within your organization.