Following the news regarding the FCA warning that the asset management industry suffers from a lack of expertise and preparedness with regard to cyber security – Jason Howells offers the following comment.
“I think this survey confirms what we in the cyber security industry have known for some time; the cyber threat is widely misunderstood and perhaps underestimated by some. I don’t think this is limited to these sectors, either – it’s every sector and at every level. None of this is a criticism; the cyber threat is a new threat, it is in places deeply complex, and it is presented as almost existentially dangerous.
I also think the cyber security industry has to take some responsibility for this state of affairs. Cyber security products and services have been sold by some through over emphasising the fear and the complexity of the issue, but whilst that might work for a one-off sale it doesn’t build the essential, trusted partnerships that we need, to more expertly and successfully repel attacks.
Good cyber security can be understood and, crucially, led by boards in all sectors. It’s about risk management; understand, assess, act, repeat. Boards are good at risk management – it’s at heart what they do. It is a specialist risk, granted; but so is legal, political, physical and more. Outside expertise will, for most of the mid-tier of the economy, be essential. Get good third party help, and manage the risk”.