Myth #1: “Cyber risk” belongs to an exclusive category
Classifying organization risk as merely “cyber risk” will only undermine gravity of the threat. William H. Saito, Special Advisor of the Cabinet Office for the Government of Japan writes, “There’s no such thing as “cyber risk” — it’s risk.” in his much-viewed piece in Forbes magazine. He educates readers that cyber risk encompasses intellectual property to safety of personnel and that it needs equal attention from senior management and executive team.
Myth #2: Cybersecurity is a new form of threat we haven’t encountered
It maybe natural to lean toward believing cybersecurity as a challenge unlike you’ve faced before. But history will tell you nothing’s truly new. Back in the Victorian era, when communications and commerce underwent a change with innovations in technology, the threat perceived was no different. Wrestling among horse riding, telegraph, and wireless radio was equally–if not more–an avant-garde experience
Myth #3: Knocking down cybersecurity to an “IT issue”
Cyber threats when designated as “IT risk” will only encourage pervading through the entire system. It’s essential to know, cyber risks cut across departments and that’s what is menacing. Information once digitized, there’s no earmarking cyber threat to a department.
Myth #4: Cyber Attack are common–several organizations are attacked everyday
Counting number of cyberattacks is a futile exercise because, it is as good as counting bacteria. What matters is the impact. Sometimes numbers lie. The attacks that are thwarted by elementary defences are also considered at times. So, they can be a conflating mixture. Wise action would be to measure the risks and prioritize the way to deal to with them.