Traditionally, the fundamental focus of the Enterprise has been to preserve and expand its value through “classic Assets” as reflected on the Balance Sheet. More recently, Information Assets have become an important new source of value, and are increasing at an appreciable rate in almost every industry.
Big data is all the rage. Securing big data is lagging behind. Today, these Information Assets are at risk as never before.
The Board of Directors possesses well-developed mechanisms for governance, audit and compliance geared toward the oversight of Classic Assets. Where are the protective, risk-reducing and oversight-managing mechanisms for our increasingly valuable Information Assets? We need to help answer these and other important questions.
Today’s Enterprises exist in a world constantly susceptible to cyber-terrorism:
- The threat is growing and expanding at an alarming rate
- New threat sources are emerging as nation-states and other more sophisticated actors become real and present risk vectors
- The pace of regulation and compliance requirements continues to accelerate
- Boards feel themselves outstripped by the needs, the risks, and the gaps in the top-level expertise available to address the issues
- New technologies in the areas of mobile devices, cloud services, big data, and smart devices continue to expand the proliferation of un-secured entry points
The need for a different approach
For these reasons and more, we should consider more sophisticated and responsive methodologies and architectures for addressing this challenging environment. We need comprehensive and, maybe even more importantly, sustainable cyber security program for organizations seeking to reduce their risk exposure, provide available protections as they emerge, and sustain a responsive framework for this rapidly-evolving area to “manage down” the uncertainty level.
It’s inevitable. Whether in the boardroom or around the office, you’re bound to have “the talk” about big data analytics for cyber security—if you haven’t already. At issue is whether or not your organization is optimizing its data collection and analytics efforts to your best ability to detect and defend against cyber intrusions.