Cyber risk and risk management
The risks and opportunities which digital technologies, devices and media bring us are manifest. Cyber risk is never a matter purely for the IT team, although they clearly play a vital role. An organisation's risk management function need a thorough understanding of the constantly evolving risks as well as the practical tools and techniques available to address them.
What do we mean by cyber risk?
‘Cyber risk’ means any risk of financial loss, disruption or damage to the reputation of an organisation from some sort of failure of its information technology systems.
It will never happen to us….
All types and sizes of organisations are at risk, not only the financial services firms, defence organisations and high profile names which make the headlines.
IRM’s Cyber risk practical guidance
IRM’s Cyber and Information Management Special Interest Group (SIG) conducted extensive research into the dynamic issue of cyber threats to business, governments and global enterprises. They have produced a practical guide for risk professionals and senior executives to help demystify the issue of cyber risk.
Members of the group commented ‘the true extent of the risk has yet to be assessed – let alone managed. And the threat is very real. Risk professionals need to wake up and smell the coffee before it is too late’.
Cyber risk: Nightmare or opportunity?
A crossroads has been reached. Cyber risk can either continue to be seen as negative – as another potential set of costs, complicate procedures and incoming legislative demands – or firms can use good cyber risk management as a differentiator from competitors as a selling point to clients, and as a measure of reassurance to stakeholders.
Download the article (PDF)
Cyber risk roundtables
IRM held a series of high-level cyber risk roundtables in association with BAE Systems Applied Intelligence under the Chatham House rule. Held at prestigious locations such as Claridge’s, the roundtables brought together leading heads of risk management, heads of information from major organisations, IRM representatives and experts from BAE Systems. Discussions included organisational exposures, boardroom engagement, the impact of cyber-attacks and how to develop effective risk and resilience strategies.
‘It’s becoming crucial to understand the threat and to start viewing the world from a cyber perspective.’
‘It’s very embarrassing to admit it, being who we are, but we have suffered serious cyber attacks and also had our telephone systems commandeered.
‘Many organisations are stuck in a reactive mode, but fear prevents action. We need to examine the opportunities to come out of this’.
IRM's practical guidance
IRM Members can download a FREE PDF copy of the full guide Cyber Risk: Resources for Practitioners from the Online Resource Centre.
Members can also purchase a hard copy of the report for £100 - please email firstname.lastname@example.org
Non-IRM members can purchase the full guidance report.
PDF version: £85
Hard copy: £150 inc P&P
Email email@example.com to purchase the full guidance report.
Cyber and Information Management special interest group
The group aims to provide support in managing the risks arising from the collection, use, storage, sharing and disposal of data and information through the use of IT. Read more
11 June 2014