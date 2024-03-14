Cybersecurity in the Executive Suite: Catalyst for Increased Growth
The threat landscape is rapidly escalating. It's high time to give cybersecurity the utmost attention in executive suites.
All stakeholders must realize: Cybersecurity is a top management issue. It's time to act and take appropriate measures!”WIESBADEN, GERMANY, March 14, 2024 /EINPresswire.com/ -- According to the FBI's Internet Crime Report for 2022, a total of 800,944 cases of cybercrime were reported. The actual number is likely much higher. Yet, cybersecurity still struggles to make its way onto the agenda of board meetings. A significant factor contributing to this is the perception that cybersecurity is merely a technological function with limited strategic significance. Consequently, the influence of cybersecurity on customer relationships, corporate reputation— including that of executives—and ultimately on revenue and results is greatly underestimated. Studies reveal that half (51 percent) of business decision-makers worldwide still view safeguarding against cyber risks as "necessary costs but not revenue generators," a gross misjudgment that undermines the potential to support strategic growth objectives.
— Michael J. Deissner, CEO comforte AG
Championing Cybersecurity Governance
This negligence of internal corporate governance actors has led regulatory bodies to increasingly intervene. This essentially contradicts the business demand for deregulation. Recently introduced rules by the SEC aim to enhance transparency and accountability to investors by mandating immediate disclosure of incidents and requiring boards to describe their oversight and processes for managing cyber risks. The NIS2 regulation in Europe holds senior executives personally liable for non-compliance leading to severe breaches, granting regulatory authorities the potential power to temporarily suspend their functions. Additionally, the European Central Bank (ECB) will introduce a cybersecurity stress test for European banks due to perceived insufficient industry preparation for cyberattacks. However, even without such regulatory interventions, boards should recognize the myriad reasons for greater integration of their cybersecurity functions. This includes preserving:
Competitive advantages by protecting sensitive corporate data,
Promoting growth by mitigating financially impactful threats,
Safeguarding reputation and corporate goodwill,
Advancing digital transformation,
Complying with local data protection/cybersecurity laws in all relevant markets,
Building trust with potential and existing customers, partners, and suppliers.
Cybersecurity as a Business Enabler
Approximately one-fifth of global business development managers report that their security posture has already affected the company's ability to win new business. So how should boards plan their cybersecurity efforts? A report by the World Economic Forum (WEF) provides insight into principles for better oversight of cyber resilience, also contributing to achieving strategic objectives. These include:
1. Perceiving cybersecurity as a strategic factor
2. Understanding the economic drivers and impacts of cyber risks
3. Aligning cyber risk management with respective business requirements
4. Ensuring organizational structure supports cybersecurity
5. Involving cybersecurity expertise in corporate leadership.
Privacy as a Unique Selling Proposition
This implies that boards need to expand their knowledge of cyber risk management. Cybersecurity isn't a task to be handled perfunctorily or solely delegated. Primarily, boards must focus on protecting the data itself, as it's the most valuable asset a company possesses. Data is the essential key to earning customers' trust. According to McKinsey, over half (53 percent) of consumers actively seek companies known to protect data. In B2B, 63 percent of procurement decision-makers do the same. Additionally, almost half (46 percent) of respondents claim they would consider switching brands if a company's data practices are unclear.
Time to Act
"All stakeholders must realize: it's time to act and take appropriate measures!" asserts Michael Deissner, CEO of Wiesbaden-based comforte AG, a leading provider of data protection and cybersecurity solutions. The company's patented encryption technology secures data for renowned clients like VISA, Mastercard, and major banks. As data increasingly moves across distributed on-premises and cloud environments, the challenge for modern companies is significant. Nearly all German companies already utilize such solutions, yet almost 50 percent are unsure if they comply with regulations. This underscores the need for data-centric security solutions, like comforte's Data Security Platform, which continuously detects, classifies, and applies all relevant data protection policies wherever data resides. Deissner emphasizes the imperative for boards to prioritize data security, asserting that effective cyber defense is now a CEO's responsibility. He advocates for a strategic, board-led approach to cybersecurity, asserting that companies who adopt data-centric solutions will likely be rewarded with long-term growth.
Thomas Stoesser, EVP Marketing
comforte AG
t.stoesser@comforte.com