Do not mistake cyber security for being merely a technical discussion about IT problems to be fixed. Cyber security is now, and always has been, purely a response to risk. The risks have changed dramatically over the last 20 years, but the way many people view security is stuck in the 1990s.

Here in Australia, we're now under the Notifiable Breach Disclosure scheme and it's worth using this as a barometer to understand how well executives actually appreciate that they run digital companies working in a digital economy, with all the risks that come with hyper-connection and digital interdependence.

How well an organisation understands itself and its ability to work through responding to a suspected data breach is a direct reflection of how well it understands its business, as well as its dependence on technology and data. In other words, how well does the company understand and manage risk? Yeah, governance, that old chestnut.

People talk about digital transformation and disruption as though these were destinations to get to. But, digital transformation is a continual process and risk management is a necessary component. There is no finish line for transformation or risk management, there are only companies that will cease to be competitive.


Full Story



James Turner

About The Advisor

James Turner

James Turner is an IBRS emeritus Advisor who specialised in cyber security and risk and facilitates the CIO Cyber and Risk Network on behalf of IBRS. James has over a decade of experience as an industry analyst and advisor; researching the cyber security industry in Australia. As an IBRS Advisor, James authored over 100 IBRS Advisory papers, led dozens of executive roundtables, and presented at numerous conferences.