Cyber threats are a seemingly impossible challenge. By their very nature — fast-changing, borderless, asymmetric — they’re ridiculously difficult to predict and manage. No wonder the World Economic Forum has once again placed cybersecurity near the top of its latest list of global risks. Indeed, conventional wisdom holds that it’s only a matter of time before your organization is the target of a cyberattack. And while we agree with Andy Bochman, a senior cybersecurity analyst at the Idaho National Lab, that “no amount of spending on defenses will shield you completely from hackers,” we contend that you can shore up your defenses to substantially mitigate the risk.
In this article, we focus on the main challenge in managing cybersecurity: the data gap. Very little cyber data is broadly available, making it difficult to objectively evaluate the potential impact of incidents. Through our work with stakeholders across regions and industries, we propose an approach to identifying what to measure, how to capture the required data, and how to make it useful.
Read the full article on Harvard Business Review.