Risk is about uncertainty. The “When-Not-If” paradigm brings certainty where doubt was previously allowed (or used to manipulate outcomes):
- Cyber-attacks will happen
- Sooner or later, regulators will step in
- They can now impose business-threatening fines around the mishandling of personal data
- Media interest has never been higher around those matters; business reputation and trust in a brand will be damaged by high-profile incidents
All the risk-based constructions which have been the foundations of many cybersecurity management practices are weakened as a result.
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedIn