Our Insights
Cybersecurity in a digital era

Cybersecurity in a digital era

Even before the advent of a global pandemic, executive teams faced a challenging and dynamic environment as they sought to protect their institutions from cyberattack, without degrading their ability to innovate and extract value from technology investments.

Over the past year, we’ve sought to publish cybersecurity articles in various areas that will help senior executives consider their options and make pragmatic decisions about how to move forward in making the right tradeoffs in managing technology risks.

Get a strategy in place that will activate the organization

How cybersecurity can best support the digital enterprise
Article

Cybersecurity: Linchpin of the digital enterprise

-
As companies digitize businesses and automate operations, cyberrisks proliferate; here is how the cybersecurity organization can support a secure digital agenda.

Create granular, analytic risk management capabilities

The risk-based approach to cybersecurity
Article

The risk-based approach to cybersecurity

-
The most sophisticated institutions are moving from a “maturity based” to a “risk based” approach for managing cyberrisk. Here is how they are doing it.
Enhanced cyberrisk reporting: Opening doors to risk-based cybersecurity
Article

Enhanced cyberrisk reporting: Opening doors to risk-based cybersecurity

-
New cyberrisk management information systems provide executives with the risk transparency they need to transform organizational cyberresilience.
Critical resilience: Adapting infrastructure to repel cyber threats
Article

Critical resilience: Adapting infrastructure to repel cyberthreats

-
As the digital world becomes increasingly connected, it is no longer possible for infrastructure owners and operators to remain agnostic in the face of evolving cyberthreats. Here’s what they can do to build an integrated cyberdefense.

Build cybersecurity into business products and processes

The consumer-data opportunity and the privacy imperative
Article

The consumer-data opportunity and the privacy imperative

-
As consumers become more careful about sharing data, and regulators step up privacy requirements, leading companies are learning that data protection and privacy can create a business advantage.
Consumer-data privacy and personalization at scale
Article

Consumer-data privacy and personalization at scale: How leading retailers and consumer brands can strategize for both

-
Customer concerns about the security and privacy of their online data can impede personalized marketing at scale. Best-practice companies are building protections into their digital properties.
Financial crime and fraud in the age of cybersecurity
Article

Financial crime and fraud in the age of cybersecurity

-
As cybersecurity threats compound the risks of financial crime and fraud, institutions are crossing functional boundaries to enable collaborative resistance.
Critical infrastructure companies and the global cybersecurity threat
Article

Critical infrastructure companies and the global cybersecurity threat

-
How the energy, mining, and materials industries can meet the unique challenges of protecting themselves in a digital world.
The cybersecurity posture of financial-services companies: IIF/McKinsey Cyber Resilience Survey
Report

The cybersecurity posture of financial-services companies: IIF/McKinsey Cyber Resilience Survey

-
Cyberrisk has become one of the top risk concerns among financial-services firms, and new research from the Institute of International Finance (IIF) and McKinsey can help provide an understanding of ways firms can enable and strengthen cyber resilience.
A practical approach to supply-chain risk management
Article

A practical approach to supply-chain risk management

-
In supply-chain risk management, organizations often don’t know where to start. We offer a practical approach.
The race for cybersecurity: Protecting the connected car in the era of new regulation
Article

The race for cybersecurity: Protecting the connected car in the era of new regulation

-
The car industry’s digital transformation exposes new cybersecurity threats. Learn what OEMs can do to protect their cars and customers from hackers.
Defense of the cyberrealm: How organizations can thwart cyberattacks
Podcast

Defense of the cyberrealm: How organizations can thwart cyberattacks

-
Governments and companies have much work to do to protect people, institutions, and even entire cities and countries from potentially devastating large-scale cyberattacks.

Enable digital technology delivery

Blog Post

Understanding the uncertainties of cybersecurity: Questions for chief information-security officers

-
Given the dynamic nature of the cybersecurity environment, CISOs need to address a set of questions that will shape their strategies over time.
Protecting the business Views from the CIO's and CISO's offices
Interview

Protecting the business: Views from the CIO’s and CISO’s offices

-
At JPMorgan Chase, CISOs and CIOs work together to align cybersecurity with business goals.
The modern CISO: Managing scale, building trust, and enabling the business
Interview

The modern CISO: Managing scale, building trust, and enabling the business

-
The modern CISO is uniquely positioned to bridge gaps across technology, processes, automation, and cybersecurity.
The benefits of a CISO background to a business-unit CIO
Interview

The benefits of a CISO background to a business-unit CIO

-
A deep understanding of cybersecurity is a competitive advantage.
Robust cybersecurity requires much more than great technology
Interview

Robust cybersecurity requires much more than great technology

-
Security is increasingly an interdisciplinary capability.
Enterprise-wide security is both a technology and business issue
Interview

Enterprise-wide security is both a technology and business issue

-
CISOs have important skills that can position them for the CIO role.
Securing software as a service
Article

Securing software as a service

-
Here is how SaaS providers can meet the security needs of their enterprise customers.
Agile, reliable, secure, compliant IT Fulfilling the promise of DevSecOps
Article

Agile, reliable, secure, compliant IT: Fulfilling the promise of DevSecOps

-
By integrating security into DevOps, companies can step up the speed and frequency of software releases without compromising controls or increasing risk.

Help business address impact of global pandemic

Cybersecurity’s dual mission during the coronavirus crisis
Article

Cybersecurity’s dual mission during the coronavirus crisis

-
Chief information-security officers must balance two priorities to respond to the pandemic: protecting against new cyberthreats and maintaining business continuity. Four strategic principles can help.
Cybersecurity tactics for the coronavirus pandemic
Article

Cybersecurity tactics for the coronavirus pandemic

-
The pandemic has made it harder for companies to maintain security and business continuity. But new tactics can help cybersecurity leaders to safeguard their organizations.