Last Friday, we -CCI-
were invited to participate in an informative session about the future
of technology that a known Madrid-based, English-speaking radio station
broadcasts once a month, serving more than one million listeners. During the
program, in which our discourse focused on the current, and future, challenges
cybersecurity poses, we had also the opportunity to highlight the need for
promoting accountability [for the use of technology] among those individuals populating
Boards of Directors. The host of the program, Richard Vaughan, a well-known and
reputed entrepreneur who gives name to the Group which owns the station, asked,
not without certain surprise, what was our perception about the current level
of assumption of such liability among the Directors community. He pointed out
that, in his view, he did not think these individuals, among which he stands, were
very convinced, today, to assume that responsibility as their own. Our answer, already known, was in the same
direction that today’s Newsletter’s
first headline suggests: “The board of
directors should be always involved in the company's cyber security” as it
should be assuring its continuity and feasibility and, therefore, oversighting
every kind of risk that threaten such feasibility. Among them, technology risk.
Although it is not the only
one. Proof of it and of that the border between kinetic and non-kinetic is
blurring, today we bring to you a couple of examples of incidents on industrial
[critical] infrastructures which motivation does not seem, a priori, having
been bound to the use of control systems; but which consequences are not so
different from those produced by systems misuse.
Finally, let me invite you to
visit a security operations center (SOC) where you will see how risks like the mentioned above are monitored.
No hay comentarios :
Publicar un comentario