Cybersecurity in a digital era
Even before the advent of a global pandemic, executive teams faced a challenging and dynamic environment as they sought to protect their institutions from cyberattack, without degrading their ability to innovate and extract value from technology investments.
Over the past year, we’ve sought to publish cybersecurity articles in various areas that will help senior executives consider their options and make pragmatic decisions about how to move forward in making the right tradeoffs in managing technology risks.
Get a strategy in place that will activate the organization
Article
Cybersecurity: Linchpin of the digital enterprise
-
As companies digitize businesses and automate operations, cyberrisks proliferate; here is how the cybersecurity organization can support a secure digital agenda.
Create granular, analytic risk management capabilities
Article
The risk-based approach to cybersecurity
-
The most sophisticated institutions are moving from a “maturity based” to a “risk based” approach for managing cyberrisk. Here is how they are doing it.
Article
Enhanced cyberrisk reporting: Opening doors to risk-based cybersecurity
-
New cyberrisk management information systems provide executives with the risk transparency they need to transform organizational cyberresilience.
Article
Critical resilience: Adapting infrastructure to repel cyberthreats
-
As the digital world becomes increasingly connected, it is no longer possible for infrastructure owners and operators to remain agnostic in the face of evolving cyberthreats. Here’s what they can do to build an integrated cyberdefense.
Build cybersecurity into business products and processes
Article
The consumer-data opportunity and the privacy imperative
-
As consumers become more careful about sharing data, and regulators step up privacy requirements, leading companies are learning that data protection and privacy can create a business advantage.
Article
Consumer-data privacy and personalization at scale: How leading retailers and consumer brands can strategize for both
-
Customer concerns about the security and privacy of their online data can impede personalized marketing at scale. Best-practice companies are building protections into their digital properties.
Article
Financial crime and fraud in the age of cybersecurity
-
As cybersecurity threats compound the risks of financial crime and fraud, institutions are crossing functional boundaries to enable collaborative resistance.
Article
Critical infrastructure companies and the global cybersecurity threat
-
How the energy, mining, and materials industries can meet the unique challenges of protecting themselves in a digital world.
Report
The cybersecurity posture of financial-services companies: IIF/McKinsey Cyber Resilience Survey
-
Cyberrisk has become one of the top risk concerns among financial-services firms, and new research from the Institute of International Finance (IIF) and McKinsey can help provide an understanding of ways firms can enable and strengthen cyber resilience.
Article
A practical approach to supply-chain risk management
-
In supply-chain risk management, organizations often don’t know where to start. We offer a practical approach.
Article
The race for cybersecurity: Protecting the connected car in the era of new regulation
-
The car industry’s digital transformation exposes new cybersecurity threats. Learn what OEMs can do to protect their cars and customers from hackers.
Podcast
Defense of the cyberrealm: How organizations can thwart cyberattacks
-
Governments and companies have much work to do to protect people, institutions, and even entire cities and countries from potentially devastating large-scale cyberattacks.
Enable digital technology delivery
Blog Post
Understanding the uncertainties of cybersecurity: Questions for chief information-security officers
-
Given the dynamic nature of the cybersecurity environment, CISOs need to address a set of questions that will shape their strategies over time.
Interview
Protecting the business: Views from the CIO’s and CISO’s offices
-
At JPMorgan Chase, CISOs and CIOs work together to align cybersecurity with business goals.
Interview
The modern CISO: Managing scale, building trust, and enabling the business
-
The modern CISO is uniquely positioned to bridge gaps across technology, processes, automation, and cybersecurity.
Interview
The benefits of a CISO background to a business-unit CIO
-
A deep understanding of cybersecurity is a competitive advantage.
Interview
Robust cybersecurity requires much more than great technology
-
Security is increasingly an interdisciplinary capability.
Interview
Enterprise-wide security is both a technology and business issue
-
CISOs have important skills that can position them for the CIO role.
Article
Securing software as a service
-
Here is how SaaS providers can meet the security needs of their enterprise customers.
Article
Agile, reliable, secure, compliant IT: Fulfilling the promise of DevSecOps
-
By integrating security into DevOps, companies can step up the speed and frequency of software releases without compromising controls or increasing risk.
Help business address impact of global pandemic
Article
Cybersecurity’s dual mission during the coronavirus crisis
-
Chief information-security officers must balance two priorities to respond to the pandemic: protecting against new cyberthreats and maintaining business continuity. Four strategic principles can help.
Article
Cybersecurity tactics for the coronavirus pandemic
-
The pandemic has made it harder for companies to maintain security and business continuity. But new tactics can help cybersecurity leaders to safeguard their organizations.