Reflections on 2016 (Part 2): Corporate Cyber Risks

This is part 2 of a 4 part blog series reflecting on the 2016 safety and security landscape. In Part 1, we looked at the escalating threat landscape, it's history and evolution. In this part 2, we take a closer look some of the shifting security dynamics for corporations. To download the full white paper, visit our Knowledge Center.

Companies' Growing Defensive Needs

Despite the recent spotlight on nation-state interference in the US and European electoral processes, the vast majority of cyber attacks are for commercial purposes: driving revenues for criminals.

Attach motivations.png

This is coupled with a growing realization that governments are unable to defend corporations from these attacks. Due to the ocean of cyber criminals, the sheer volume of attacks and the breath and dispersion of targets, government defensive cyber capabilities have withdrawn to defending government systems and critical infrastructure. And they have their hands full: many government systems still have material dependencies on outdated legacy systems. For example, Britain’s Vanguard-class nuclear submarines currently run on Windows XP, a version of the software that has not received security updates in over 2 years.  In 2016, a number of embarrassing hacks further highlighted the vulnerability of US government systems when over 800,000 personnel records were stolen from hacks into the FBI, DHS, NASA and DSS.

Shifting Security Officers

Against this backdrop, companies are increasingly getting organized. Many corporations are resourcing a new executive function led by the Chief Information Security Officer (CISO) or Chief Security Officer (CSO), to provide the focus and advocacy to implement effective organization safety, security and risk protocols. CISOs/ CSOs are currently heavily aligned with the CIO and IT projects and budgets. However, we believe this will ultimately shift to CEO reporting ascompanies seek more proactive security strategies that keep better pace with business agendas.

CISO reporting.png

To download the full white paper, visit our Knowledge Center.

About The Analysis: Our research leverages AlphaPrime’s proprietary data warehouse, Charlotte’s Web™, that tracks thousands of companies that protect people and assets. This particular analysis was conducted in February and March 2017. Charlotte’s Web™ is the result of hours of painstaking research: from our first analyst (and the data warehouse’s namesake) Charlotte Kwon, to Matteo Cuda, Emma Yunqi Li, Nathan Coen and Marc Bove who have contributed to its data reserves over the years. We remember and remain enormously thankful.

About AlphaPrimeIn an increasingly complex and dangerous world, threats to people and assets are escalating in diversity, frequency and magnitude. The need and ability to anticipate and respond to these threats is essential and universal. AlphaPrime invests in companies that address this need, and manage and protect people and assets. It’s not part of what we do, it’s everything we do.

Photo: Freedom Star Media

Photo: Freedom Star Media