Adversaries are continuously seeking new and creative ways to gain and exploit network access and information resources. Increased levels of hacking, malware, phishing, rogue mobile apps, mobile device infection, as well as targeting specific individuals, are some of the more common attack methods used by adversaries today. This increase in efforts by adversaries and the sophistication of their methods, is similar to the growth in the amount and complexity of databases, systems, and devices that house or process Federal information assets.
The combination of these issues, combined with the speed of onset and immediate impact from Cybersecurity threats, is forcing a reexamination of reliance on “compliance” and a “hardened perimeter” mindset as the primary means to protect from external threats and convey risk information to senior leaders. Enhancing decision making through the collaboration of ERM and Cybersecurity is a critical step towards better information flow, improved senior management communication and collaboration to mitigate enterprise risks.