Risk: An Undeniable Part of Every Organization

There’s no getting around it: every organization faces a variety of risks.  Risks are essentially the effects of uncertainty, and include financial, legal, reputational, and supply chain risks, among others.  One important risk frequently makes headlines—Cybersecurity risk.

The National Institute of Standards and Technology defines Cybersecurity as:

Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication, and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality, and nonrepudiation. (U.S. Dept of Commerce, 2021)

Cybersecurity risks are constantly evolving, and it is important to be aware of how they hold the potential to affect not only your business, but ultimately, your customers, too.

Pandemic-fueled Threats

Amid a volatile political climate and a deadly pandemic, bad actors at every level have seized on the opportunity to take advantage of cyber unpreparedness.  Organizations of all sizes and across all sectors continue to struggle to update their models of work.  Many organizations have had to make devastating choices about reductions to their workforce and services.  The pivot to remote work has commonly led to an acceptance of security as a trade-off.  Then there is the human—facing incessant uncertainty and fear has proven to be exhausting.  Tired humans are less effective at decision making. 

From a risk perspective it is clear—cybersecurity matters now more than ever.

The Automotive Industry Continues its Proactive Approach

As organizations adapt their plans for 2021, many are embracing new cybersecurity efforts to address the tradeoffs accepted last year.  It is fortunate that the automotive sector has been making strides toward cybersecurity as a community since 2014, with the Automotive Information Sharing and Analysis Center (Auto-ISAC) going live with its [threat] Intelligence Platform in 2016.  In addition to threat intelligence, the Auto-ISAC offers best practices related to proactive cybersecurity efforts aimed to serve as a “guide [to] effective risk management and [to] further enhance the security and resiliency of the automotive industry.” (Automotive Information Sharing and Analysis Center , 2021)

Common Language is Key

With looming financial uncertainty, how do these companies assess and prioritize their efforts?  Most begin by assessing themselves against a given framework, and increasingly—that framework is the NIST Cybersecurity Framework (CSF).  Designed as a voluntary, highly customizable framework, the NIST CSF cybersecurity controls library and guidelines provide a common language for communicating risk throughout the ecosystem.   The common language aids in creating a feedback loop with suppliers to gain a better understanding of the risk from third and fourth parties.  Better communication through transparency in the ecosystem fosters trust—something that cannot always be otherwise quantified.

Why does organizational cybersecurity matter now more than ever?  Because in a volatile market, the currency is trust.

Experts Among Us: An Affinitiv Series taps into the immense talent from across our organization on topics that span all areas of business. Stay tuned for more updates here on Affinitiv.com.