Risk Advisory insights

RSM’s ‘Catch 22: Digital transformation and its impact on cybersecurity’ report clearly shows that organisations must do much more to protect themselves. Businesses should not wait for a breach to occur before investing. A breach is inevitable and choosing to react rather than protect could create untold damage to an organisation .

Overview

We have all seen the brazen headlines depicting the latest fraud scandal and organisations crumbling as a result. We are saturated with recommendations, codes, standards and acts concerning Corporate Governance and Risk Management.

During a time when names like Enron, WorldCom, Arthur Andersen, and Tyco were making headlines in the news, Maryland Democratic Senator Paul Sarbanes and Ohio Republican Congressman Michael Garver Oxley were working feverishly to come up the Sarbanes Oxley Act of 2002 (SOX).

Internal audit can play a vital role in improving the performance of a company. Internal auditors assist companies in identifying key risk factors. This enables the company to anticipate potential future concerns as well as identifying current weaknesses.

Ransomware, also known as WannaCry/WannaCrypt0r recently hit worldwide with one of the biggest attacks in cybersecurity history. It struck the NHS (National Health Service) in Britain, affecting 40 hospitals to the extent that appointments had to be cancelled, surgeries postponed, essentially affecting many lives.

Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorised access. Thus security includes both cybersecurity and physical security.

Following the release of the so called Notice of Clarification of 5 May 2015 and the anticipated and justifiable reaction to the impact of the Broad-Based Ownership Schemes (“BBOS”) and Employee Share Ownership Programs, (“ESOP”) The Department of Trade and Industry (“DTI”) has been forced to retract the Notice and reinstate the benefits associated to such schemes.

Over recent years, you would have heard the term BYOD mentioned with increased frequency. So it would be natural to ask oneself: “What is BYOD, and why is it garnering so much attention?”

Regulatory compliance is not an “optional extra” for an organisation these days. Stakeholders are more enlightened, and with the advent of social media, a newsworthy transgression by any organisation can reach a global audience within seconds.

If there was ever a time that information security was on the radar of risk management committees it would be now. It is an aspect of Enterprise Risk Management (ERM) that now demands attention and recognition. Cybersecurity is leading the charge in this constantly evolving field.