Cyber/Information Security in the Digital Age
Threats to enterprise information security are escalating due to a number of factors: increased connectivity with outside vendors; the growing number of network-enabled devices; the increasing number of human/device connections; and the enhanced coordination, sophistication and professionalization of security attacks. Members of the European Chapter of the Roundtable on Digital Strategies convened at LafargeHolcim’s facilities in Zurich for a discussion of the current and future of cyber/information security. Topics for the day included current and future changes to the infosec threat landscape, and how enterprises can respond and adapt with technology, processes, and training. Participants in the session included CIOs and leaders of information security from Clariant, Hilti, the International Committee of the Red Cross, LafargeHolcim, and Swarovski, along with members of the Center for Digital Strategies at the Tuck School of Business
Key Insights Discussed in this Article:
- Cybersecurity is a growth market. Cyber attacks are increasing in frequency, sophistication, and impact, as information security perimeters expand with new devices and cloud applications. IT and Information Security need to anticipate and respond with at least equal energy and innovation.
- Changes in business practices are opening up the threat landscape at least as much as changes in technology. The opportunities presented by digital and digitally-enabled services create a host of new risks; a key question for enterprises is how to balance the two
- “Information Security” has become a requirement that goes far beyond IT’s ability to secure using technology. Traditional IT security prevention and remediation remain critical activities, but awareness and training among employee, executive, and partner communities are equally, if not more, important
- Enterprises need to develop and implement business-based management and governance strategies for information security. From prevention through detection to crisis management and remediation, Information Security is an executive staff/Board level responsibility
The Roundtable on Digital Strategies meets four times a year to discuss a specific business issue or theme. In focused discussions that cut across organizations and industries, participants from noncompeting member corporations examine meaningful business issues and topical challenges that they have in common. They come away from the day-long experience with new ideas and new approaches to specific challenges—the kind of creative assessment that arises only from diverse perspectives.