
Cybersecurity Questions from Business Leaders


We live and work in a cyber-connected world that keeps businesses in touch with customers, clients, suppliers, marketers, financial resources.  This brings new and exciting benefits.  It also brings risks—risks that we read about in news headlines.  About those cybersecurity risks:  what questions do you want to ask?  What does a business manager who is not in IT need to know?

In the wake of recent breaches of consumer data, articles with good information on how to respond are readily available for individuals:  on-line from the Consumer Financial Services Bureau and state Attorneys General, in letters and messages from financial service companies, as well as from news sources such as the New York Times, Wall Street Journal, and CNN.  

In the aftermath of business-focused scams, such as this year’s WannaCry and Petya ransomware attacks, and following FBI warnings of “spoofing” attacks that mimic internal executives’ instructions, it’s time to talk about the role and responsibilities for all managers and executives in an organization.

What should executives do to keep their companies, their data, and their customers safe from cyber-attacks?  What, that is, besides telling employees to follow IT’s direction to change passwords regularly and not to click on unknown links?

We’ve started a list of questions from non-IT business managers.  Send me the questions you have always wanted to ask, and then join us on November 9, at Manhattanville School of Business, to hear the answers.

· What are current best practices and successful strategies for employee use of personal devices in the workplace, routing business emails to employee phones, and ensuring security of confidential business information?

· After the Equifax breach, consumers are advised to “freeze” their credit bureau accounts.  What should business managers, treasury managers, and business owners learn from the Equifax experience?

· If the nature of cyber threats is changing rapidly, how can any organization be certain that its insurance will cover the breach, hack, ransom or other attack?

· Let’s talk about the “Internet of things.”  In terms of risks, what does that mean to a business organization – whether for-profit or not-for-profit?

· Who should be in charge of cyber security in any organization (for-profit, not-for-profit, governmental):  Head of IT (e.g., CIO, CTO), head of enterprise risk (e.g., CRO), COO, or someone else?

· Large cyber breaches or breaches that reveal confidential information can bring bad press.  Realistically, though, how significant is a few days of negative publicity for a company or public agency – when those headlines will soon fade and be forgotten?

· Why does it take years for companies to assess the extent of cyber hacks?  I’m thinking of Yahoo, which in October 2017 raised the number of accounts exposed in 2013 from 1 billion to 3 billion.  Why is it so hard to figure this out?

What can/should a non-technical manager do to improve readiness for and recovery from a cyber-attack?

Send your additional questions to michele.braun@mville.edu and introduce yourself that evening so we can talk further.

Join the Institute for Managing Risk, the Women’s Leadership Institute, and our panel of experts on November 9 to discuss Cybersecurity: Readiness, Response, Recovery: Protecting Your Company’s Assets and Reputation.  For more information and to register, see this link.



Michele Braun
Director, Institute for Managing Risk
Manhattanville School of Business
