Cybersecurity today encompasses multiple areas of an Organization and therefore requires governance at the highest levels
Cybersecurity is no longer restricted to standard ICT domains and encompasses multiple areas of an organization, including but not limited to human resources, supply chain management, administration and infrastructure and therefore requires governance at the highest levels. These observations are highlighted in CII-KPMG’s publication titled ‘De-risking India in the new age of technology’. The paper launched today at the 2nd CII National Risk Summit 2016 – DeRisking India Inc for Global Competitiveness, suggests that cybersecurity has started gaining visibility at the top level and is now an essential part of the boardroom discussion.
Regulators are increasingly holding board members and senior executives of a company accountable for cybersecurity of their company, often with stiff penalties, including but not limited to, heavy fines and legal consequences. The leadership level, therefore, needs to be aware of the internal and external cyber threats and incidents that can or are affecting their organizations. The various chapters in the report highlight the potential of adopting stronger policies, implementing stricter controls, regulatory compliances, increasing employee awareness and taking the necessary actions to mitigate risk. These refer to several challenges that India Inc. may encounter in the near future and proposing different ways in which the risks arising out of the business environment can be suitably managed.
Voicing his opinion on the white paper, Richard Rekhy, Chief Executive Officer, KPMG in India commented, “It is vital to keep pace with the changing regulatory and technology landscape to safeguard and advance business objectives. Working backwards by identifying and understanding future risks, predicting risks and acting ahead of competition, can make a company more robust. It would also help accentuate the growth with strong processes in place. Managing risks and aligning it with all key stakeholders must be on top of every board’s agenda.”
On the launch of the publication, Mritunjay Kapur, Partner and Head, Risk Consulting, KPMG in India, said, “From drones to smart offices, new age technologies have not only transformed the traditional way of doing business but have also given way to unforeseen risks that can lead to serious consequences, if they go unmanaged. It is imperative to understand the ramifications of such transformational technologies and design appropriate risk management strategies to de-risk our environment. This whitepaper is our first step to de-risk India. We explore the challenges that organizations face and then suggest the better risk management practices that can be followed in an accelerated environment of cognitive technologies to harness an organization’s potential to the fullest to balance the risks and opportunities.”
Suresh Senapaty, Chairman CII National Risk Summit 2016 said, “In this VUCA environment, proactive enterprise risk management plays a critical role on par with growth and profitability for value maximization. Well-orchestrated Risk Management practices help organizations deliver sustainable results by keeping pace with changes in client behavior, staying ahead of competition, identifying emerging technology trends and business model changes early. While this function has not received enough attention so far, most progressive corporate are beginning to realize the value it offers and recognizes that engagement in this area is of utmost importance.”
The publication concludes with a positive rhetoric, believing that a dynamic corporate India will emerge by being resilient in the face of a global turmoil, while facing the challenges on its expedition to success. For this to come to fruition, organizations need to build and implement leading practices for effective risk management. The world of technological advances is a double-edged sword, where one needs to embrace technology along with its strategies, as well as simultaneously mitigate the associated risks. Abstinence from any of these technologies might appear as one of the most effective defenses, since ensuring compliance is an uphill task. But the exponential rate at which the digital world is booming, it is likely to influence organizations in the years to come.