1 minute read
Lost in Cyberspace
The EU is introducing new cybersecurity legislation— will your company be prepared for it?
AEuropean Commission report detailed how, from 2015 to 2020, cybercrime almost doubled globally, to $5.8 trillion. This realisation of the growing threats prompted the EU to draft new legislation to tackle concerns around cybersecurity, data privacy, as well as the Internet of Things (IoT).
In this report, we discuss the cybersecurity framework and impact of these new directives with experts in the field. Puneet Kukreja, Senior Partner and Head of Cyber Security Practice, EY Ireland, has worked all over the world and seen policy and practice in every region.
He warns that, no matter how many regulations are in place, “Compliance does not equal to having the tools and technologies with operating processes
They note that, “In cybersecurity there is limited leeway to postpone actions that aid in the avoidance and mitigation of future risks; one must continuously anticipate approaching threats.” In other words, the best time to act is always now.
Demand for cybersecurity experts is only going to increase, so it’s time to start planning ahead strategically in terms of building in a recruitment plan for staffing your organisation or considering your budgets for working with trusted external experts.
Education across the workforce is key—cybersecurity threats are a threat to all staff and everyone from C-suite to accounts to hybrid workers need to be up to speed on risk factors. It’s not an issue to be siloed within the IT department. However, someone should be tasked with taking the implemented that make your organisation a secure and resilient organisation.”
Deep diving into the requirements, fully understanding them and sweating them out, doing more than just box-ticking exercises, will be crucial to keeping on the cutting edge of security in the future.
In its Foresight Cybersecurity Threats for 2030 report, the European Union Agency for Cybersecurity (ENISA) advises that organisations (and EU member states) “recognize shifts in the threat landscape and already begin preparations to ensure security and resilience in the face of morphing threats.” lead on reviewing new regulations and the impact they will have on your business and, to a certain extent, supply chain. Will there be company-wide implications? Will you need to change company policies and procedures? What training will be required and for what cohort of staff? What budget will be required?
The cybersecurity regulatory framework is certainly a deep dive for those who have never swam in those waters before, but it’s too late to stand by the edge dipping a toe in the water. Read on for an introduction, sound advice and practical steps to take.
