The rapid evolution of cyberthreats leaves the gamut of risk assessment efforts undertaken by organizations inadequate in addressing cybersecurity concerns. The conventional approach of the hardening of IT assets and critical infrastructure elements has proven to be less effective against the innovative cyberattacks emerging in the industry, which means that organizations must work to improve the immunity and capability of these IT assets and critical infrastructure elements. A Cyberresilience program can be the key.
Cyberresilience can refer to an organization’s capability to withstand the disruptive cyberattacks launched by adversaries on the organization. Organizations must be prepared to absorb and adapt to adverse effects of cyberattacks and be able to recover in a short span of time.
Being cyberresilient helps organizations in maintaining and ensuring their readiness to prevent and withstand the cyberattacks and restore their critical business operations to the maximum extent possible. Cyberresiliency can be considered as an integral element of the cybersecurity practice of an organization.
The objectives of Cyberresiliency include not only A protecting the critical information resources of the
organization but also evolving the cybersecurity
function to be better prepared to face new
new study spotlights how the crisis is impacting financial misstatement risks and internal control audits.
The study surveyed 139 accountants in the U.S. to gain broader insights into their work during the pandemic. Respondents who perform external audits disagree with the notion that the crisis will lead to an increase in earnings management or attempted fraud.
Although this finding may reflect respondents’ beliefs that stakeholders will be more forgiving of reduced earnings, management may have greater incentive to manipulate earnings during the pandemic. Regardless, the finding suggests that external auditors may be less likely to change their audit procedures to identify and assess changes to risks of material misstatements brought on by the pandemic. Internal auditors should consider the impact of a higher risk of material misstatement in their audit work.
Ironically, survey respondents also agree the crisis will reduce the effectiveness of internal controls and
cyberthreats in the future. Program objectives will not be the same for every organization; they should be identified based on an organization’s specific culture, business priorities and risk appetite. Organizations should consider building and strengthening their Cyberresilience program as a part of their overall operational resilience capability and should ensure it is aligned with their business and cybersecurity objectives.
It is also important to develop and identify the critical competencies, processes and technology solutions required for the implementation of a Cyberresilience program.
An effective Cyberresilience program can help your organization become better secured for whatever comes next.