“Some days it seems as if the world is out to get you. And if your job involves cyber risk management, no matter where you personally fit on the paranoia spectrum, some days that is actually true.”
So said Steve Jump, founder & director, Custodiet Advisory Services, who will be presenting on “Back to our future basics – how to really manage cyber risk”, at the ITWeb Security Summit 2022, to be held from 31 May to 2 June at the Sandton Convention Centre.
Should it really be this difficult? According to Jump, the answer is no, it shouldn’t. However, he says this situation where cyber threats are all over didn’t happen in isolation or overnight.
“Business, now as ever, wants to do more things that make them a profit before the competition gets there first, and less of anything that does not make a profit,” he explains. And somewhere on the journey to where we are now, business and technology lost the ability to communicate what business risk is all about. “They did not stop talking about it, but they stopped listening to each other’s priorities.”
The IT systems that made them millions are still active, Says Jump. But the need for upgrades to keep them stable, secure, and reliable may not have been presented in a way that made business sense – so bad and expensive things happened.
Although we have all heard the phrases “we need to get back to the basics”, or ‘better IT hygiene would have fixed it’, this is 2022, and the basics we need to deploy today are not the same basics that, even if they were deployed in the past, were not done so with the business in mind, he says.
“And as for data hygiene, as a post-pandemic analogy, it has some promise but needs a little work in its explanation,” he adds.
The question, says Jump, is how do we get back to where we now know we need to be in the management of cyber risk?
His presentation promises to be a short, brutally honest discussion around how we can learn from what got us here, what matters now, and what we can put off until next year.
Share