Cybersecurity Trends 2020; The role of leaders in cybersecurity today

Cybersecurity Trends 2020; The role of leaders in cybersecurity today

What is the state of cybersecurity and awareness in Kenya today and how will it affect the roles of organizational leaders such as board members and top management in increasing the appreciation for both cyber and information security as key success factors?

Cybersecurity trends in 2020 as suggested by experts includes increased involvement of directors, high-level policymakers and C suite members in cybersecurity, increased sophistication of cybersecurity threats, cloud adoption, cybersecurity awareness, among others.

In this blog, we will discuss how understanding cyber risk exposure will contribute to directors and C suite level managers in increasing their appreciation of cybersecurity and awareness as a key factor in ensuring organizational success.

Understanding cyber risk exposure as vision carriers of the organization

It has been an emerging issue in most organizations in Kenya that cybersecurity risk exposure and management is a task that is assigned to mid-level managers. While directors in corporate governance are in better well-placed positions of influence to push for this action, there is a low appreciation for the need to include cybersecurity risk as a key success factor for regular boardroom discussions. As a result, many business leaders, including IT managers and chief information officers, are unable to communicate cybersecurity risk to their directors.

As a first step in the right direction, board and C-Suite members, as well as high-level policy-makers, need to gain a better understanding of the cyber-risks to which their organization, county or country are exposed. This does not mean becoming full-on technical experts rather what urgently needs to improve is the communication and translation of cybersecurity issues between those who are tasked with the day to day management and leadership.

The Silo Mentality

To achieve a better translation of cybersecurity issues between directors and other C suite level managers and those in charge of securing the organization’s cyberspace, this will require rethinking organizational structures and governance in order to break down silos and enable a more robust cybersecurity posture.

The Silo mentality or silos are created when individuals within an organization specifically conclude that it is not their responsibility to coordinate their activities with peers or other departments as well as share information. With this mindset, people have little interest in understanding their part in the success of the organization as a whole.

Cybersecurity is a relatively complex topic and a part of business that isn’t directly tied to generating revenue, therefore, there’s often a disconnect between the boardroom and the IT room. This results in cybersecurity silos which hinder the understanding and commitment to each member’s role in organization cybersecurity.

In order to breakdown these silos, directors and C suite members must be consciously aware of the organization’s cyber risk profile at any given time. Directors need to possess a strong understanding of investment in systems, personnel and continuous knowledge about cybersecurity.

If corporate and government leaders have a strong grasp of their entity’s vulnerabilities and which critical assets are at risk, they can take timely strategic decisions on investment and resourcing to bolster their organizations’ resilience and safeguards.
Others might argue that what stands in the way of this approach is a lack of a methodology that gives directors a mechanism for evaluating and assigning a value to the cybersecurity risks, a fair argument. With such a mechanism in place, the directors can possess better visibility on the effectiveness of various controls implemented to address cybersecurity within their organizations.

In conclusion

Directors and other organizational leaders must;

  1. Understand the cybersecurity risks that their business, county, and country is exposed to by understanding the organization’s risk profile at all times
  2. Define a mechanism to evaluate and assign value to all cybersecurity risks in order to possess better visibility on the effectiveness of various controls implemented to address cybersecurity within their organizations.
  3. Appreciate the need to include cybersecurity in regular discussions as a key success factor
  4. Actively develop, implement and oversee cross-functional task-forces and crisis-response teams that are clear on processes and protocols that are crucial when cybersecurity crises hit

Lastly, during the National Cybersecurity Conference held late last year, Cabinet Secretary Fred Matiang’i said that research shows that the annual cost of fighting cybercrime is projected to reach Sh600 trillion by 2021 with the global toll of cybercrime damage estimated to hit the same amount.

This reinforces the national reality that board directors, C suite members, and even national leaders are increasingly required to include cybersecurity as a critical component of their general role of oversight over management/governance. Because they typically own the vision of the organization, it, therefore, follows that each member should have a depth of understanding and appreciation about cybersecurity in 2020 and years to come.

What other ways can cyber-savvy organizational leaders contribute to promoting cybersecurity and awareness within businesses in Kenya? Drop a comment below, we would love to hear from you!

Don’t forget to subscribe to our blog for more articles on cybersecurity trends and what you can expect in 2020 this week!

What is the state of cybersecurity and awareness in Kenya today and how will it affect the roles of organizational leaders such as board members and top management in increasing the appreciation for both cyber and information security as key success factors?

Cybersecurity trends in 2020 as suggested by experts includes increased involvement of directors, high-level policymakers and C suite members in cybersecurity, increased sophistication of cybersecurity threats, cloud adoption, cybersecurity awareness, among others.

In this blog, we will discuss how understanding cyber risk exposure will contribute to directors and C suite level managers in increasing their appreciation of cybersecurity and awareness as a key factor in ensuring organizational success.

Understanding cyber risk exposure as vision carriers of the organization

It has been an emerging issue in most organizations in Kenya that cybersecurity risk exposure and management is a task that is assigned to mid-level managers. While directors in corporate governance are in better well-placed positions of influence to push for this action, there is a low appreciation for the need to include cybersecurity risk as a key success factor for regular boardroom discussions. As a result, many business leaders, including IT managers and chief information officers, are unable to communicate cybersecurity risk to their directors.

As a first step in the right direction, board and C-Suite members, as well as high-level policy-makers, need to gain a better understanding of the cyber-risks to which their organization, county or country are exposed. This does not mean becoming full-on technical experts rather what urgently needs to improve is the communication and translation of cybersecurity issues between those who are tasked with the day to day management and leadership.

The Silo Mentality

To achieve a better translation of cybersecurity issues between directors and other C suite level managers and those in charge of securing the organization’s cyberspace, this will require rethinking organizational structures and governance in order to break down silos and enable a more robust cybersecurity posture.

The Silo mentality or silos are created when individuals within an organization specifically conclude that it is not their responsibility to coordinate their activities with peers or other departments as well as share information. With this mindset, people have little interest in understanding their part in the success of the organization as a whole.

Cybersecurity is a relatively complex topic and a part of business that isn’t directly tied to generating revenue, therefore, there’s often a disconnect between the boardroom and the IT room. This results in cybersecurity silos which hinder the understanding and commitment to each member’s role in organization cybersecurity.

In order to breakdown these silos, directors and C suite members must be consciously aware of the organization’s cyber risk profile at any given time. Directors need to possess a strong understanding of investment in systems, personnel and continuous knowledge about cybersecurity.

If corporate and government leaders have a strong grasp of their entity’s vulnerabilities and which critical assets are at risk, they can take timely strategic decisions on investment and resourcing to bolster their organizations’ resilience and safeguards.
Others might argue that what stands in the way of this approach is a lack of a methodology that gives directors a mechanism for evaluating and assigning a value to the cybersecurity risks, a fair argument. With such a mechanism in place, the directors can possess better visibility on the effectiveness of various controls implemented to address cybersecurity within their organizations.

In conclusion

Directors and other organizational leaders must;

  1. Understand the cybersecurity risks that their business, county, and country is exposed to by understanding the organization’s risk profile at all times
  2. Define a mechanism to evaluate and assign value to all cybersecurity risks in order to possess better visibility on the effectiveness of various controls implemented to address cybersecurity within their organizations.
  3. Appreciate the need to include cybersecurity in regular discussions as a key success factor
  4. Actively develop, implement and oversee cross-functional task-forces and crisis-response teams that are clear on processes and protocols that are crucial when cybersecurity crises hit

Lastly, during the National Cybersecurity Conference held late last year, Cabinet Secretary Fred Matiang’i said that research shows that the annual cost of fighting cybercrime is projected to reach Sh600 trillion by 2021 with the global toll of cybercrime damage estimated to hit the same amount.

This reinforces the national reality that board directors, C suite members, and even national leaders are increasingly required to include cybersecurity as a critical component of their general role of oversight over management/governance. Because they typically own the vision of the organization, it, therefore, follows that each member should have a depth of understanding and appreciation about cybersecurity in 2020 and years to come.

What other ways can cyber-savvy organizational leaders contribute to promoting cybersecurity and awareness within businesses in Kenya? Drop a comment below, we would love to hear from you!

Don’t forget to subscribe to our blog for more articles on cybersecurity trends and what you can expect in 2020 this week!