Among the most complex and rapidly evolving issues companies must contend with is cybersecurity. With the advent of mobile technology, cloud computing, and social media, reports on major breaches of proprietary information and damage to organisational IT infrastructure have also become increasingly common, thus transforming the IT risk landscape at a rapid pace.
- Organised crime is monetising cyberspace, exploiting vulnerabilities in computer systems to compromise and remotely control computers; recording key strokes, monitoring screen displays and manipulating the computer user into divulging sensitive data.
- Cyberspace being borderless allows any attacker to route their assaults through multiple countries and jurisdictions, complicating investigation and law enforcement.
- Companies run the risk of losing substantial amounts of sensitive company information to malicious employees, who could also potentially remove it from company premises or introduce malicious software to corrupt company databases or sabotage network operations.
- Corporate espionage by firms is commonplace in cyberspace. Attacks often target sensitive intellectual property, and there have been multiple instances of major firms with its security compromised over many months and losing substantial amounts of sensitive data during these attacks.
- What is the role of internal audit and the audit committee?
- Framework for Cyber Risk Management and the role of risk management
- Is the COSO framework relevant and can it be used in assurance for cloud security?