Sign Up for FREE Daily Energy News
canada flag CDN NEWS  |  us flag US NEWS  | TIMELY. FOCUSED. RELEVANT. FREE
  • Stay Connected
  • linkedin
  • twitter
  • facebook
  • instagram
  • youtube2
BREAKING NEWS:
Hazloc Heaters
Hazloc Heaters


Cyber Security Awareness Month: Cyber security in the new reality

October 21, 2020 EnergyNow Media

These translations are done via Google Translate
Print 🖨

Cyber Security Awareness Month - Cyber security in the new reality

One of the time-worn challenges of leadership in cyber security is balancing making proactive improvements to security with short term knee-jerk reaction to events. We often see tactical considerations divert attention from tackling longer term strategic issues. But with the COVID-19 pandemic, there’s been a hard reset.

Business leaders have rightly focused on remaining resilient through operational and financial pressures. Only now are some clients taking the time to step back and ask —what does the new reality look like over the coming months and next few years, and how do I prepare for it?

View additional materials available to business leaders during Cyber Security Awareness Month.

KPMG professionals have been working with the World Economic Forum’s Center for Cyber Security on these challenges, helping put together a set of five principles to help cyber security leaders prepare for the new landscape. The paper by the WEF, which outlines these principles in more detail, is a collective effort across the WEF C4C’s public and private partners to help clients get through this digital phase shift and transition into the new reality.

Foster a culture of cyber resilience

Businesses should look to break down barriers between departments, unifying the resilience culture across IT, operational technology and business-facing functions and promoting resilience by design across the enterprise. It can’t just be tick-box compliance. There has to be a sense of collective urgency over cyber needs beyond only the security and privacy functions, and the Board should make itself accountable —ensuring that risks are understood, plans designed and co-ordination is effective.

Focus on protecting critical capabilities and services

The pandemic revealed how little we know about our critical services and assets, and the best approach to protecting them. Businesses need to re-establish a cyber hygiene culture in the workforce, move to new models of managing access and monitoring activity on critical assets and prioritize investment in cyber automation.

Balance risk-informed decisions during the crisis and beyond

Cyber risk management needs a top-to-bottom overhaul. The pandemic has proven the old supply chain risk assumptions to be false. Traditional cyber resilience metrics have shown to be an inadequate representation of real risk. Businesses need to revise their approach to supply chains; define practical, meaningful cyber risk metrics; and focus on the risks to operations when designing new digital strategies.

Update and practice your response and business continuity plans

One of the assumptions underlying most cyber business continuity planning has been that the rest of the ecosystem is operating as usual, and that it’s possible to rely on suppliers and partners for support. The pandemic has forced us to question this assumption. Businesses need to revise resilience planning processes and test them, equipping crisis management teams with the skill sets and experience to manage under intense pressure. They also need to review the definition of a worst-case scenario in the new reality.

Strengthen ecosystem-wide collaboration

There’s strength in numbers, and the silver lining of the pandemic has demonstrated the need for cooperation. Governments are collaborating to address international cyber threats; major enterprises are pooling threat intelligence; and regulators are seeing the value of transparency and collective action in ecosystem resilience planning. Businesses should think about how to reach out to their industry networks and establish collaborative awareness and intelligence sharing sessions, work together to disrupt criminal activity, and take a systemic approach to risk management as part of the broader community.

Balancing tactics and strategy has never been harder than it is now. This pandemic has been unique in living memory, and certainly during the period that cyber has been part of enterprise leadership consciousness.

Now is the time to think about whether we should do things differently, going forward.

If you have any questions, please reach out to our Cyber security team:

Jeff Thomas
Partner, Advisory
Cyber Security
KPMG in Canada
jwthomas@kpmg.ca

 

Subscribe to KPMG Energy Insights



Share This:


Previous Article

 

Next Article

 

More News Articles


FEATURED EVENT

 

CEGA Core Conference 2024
Schachter Energy Report

GET ENERGYNOW’S DAILY EMAIL FOR FREE

 

ABOUT ENERGYNOW

EnergyNow.ca is an energy news media service dedicated to providing information on the Canadian energy sector's latest news, technology, innovations, commentaries, events, data and press releases. From oil & gas, to renewables, to the energy transformation, we've got it for you right here and right now!

Help us to improve EnergyNow, Give us your feedback

 GIVE US FEEDBACK

Quick Links

  • Stay Connected
  • linkedin
  • twitter
  • facebook
  • instagram
  • youtube2

USEFUL LINKS

Canadian


U.S.


International