Cyber Security Compliance: Are Compliance Managers and Managements on the Same Page?
September 02, 2016 | Data Exfiltration, Compliance, Cyber Security, Risk
The top risk that organizations across all geographies share today is the threat emanating from cyberspace. There is no denying that the innumerable possibilities arising from an increasingly digitized world have immensely improved the operational capabilities of firms, but the vulnerability of information systems to hacking, DoS attacks, and other cyber fraud continues to pose the biggest challenge.
Indeed, disruptive technologies such as cloud computing, big data analytics, and artificial intelligence have yielded efficiency and innovation, but they have also put organizations’ sensitive data at risk from malefactors. Likewise, the growing culture of Bring-Your-Own-Device (BYOD) in the workplace has left highly critical data exposed to data exfiltration.
In the wake of rising cybercrime, which entails millions of data breaches every year, the legal framework supporting cyber security has become more stringent. Unfortunately, the cybercrime prosecution rate remains very low.
That is why it is all the more important for boards and compliance officers to formulate effective compliance policies. A well-defined compliance policy allows firms to manage multiple risks effectively. Unfortunately, there seems to be a big gap between what compliance officers think and what management and boards consider to be their goal.
For instance, a survey conducted among compliance officers by the Society of Corporate Compliance and Ethics and the Health Care Compliance Association found that 49.5% of the respondents believed promoting an ethical culture to be the most important aspect for organizations, while preventing and detecting misconduct was their second biggest concern at 35.4%. On the other hand, the same survey showed that compliance officers believed their managements had a completely different perspective on compliance policies. 42.6% of the respondents felt their managements saw fulfilling regulatory requirements as the top priority, while 29% viewed preventing and detecting misconduct as the second most important compliance issue. A mere 13% of the compliance officers believed that managements saw promoting an ethical culture as the priority.
This trend is startling, particularly in an age of increasing cyber risks. If boards, managements and compliance officers are not on the same page about cyber security policy, it could result in unfathomable losses.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behavior Analytics enables monitoring of end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.