A Cyber Compliance Economy

A recent article from The Economist on how the Internet of Things (IoT) will change the world is astonishing. According to the report, as microchips become progressively cheaper they are being built into almost everything.

The decline in the price of a megabyte of data storage is impressive. In 1956 it would have cost around US$ 85,000 (in today’s prices); now it costs only US$ 0.00002, and that is decisive for an IoT world. Another example of related falling prices is the cost of a sensor normally used in an IoT device, which fell from US$ 1.30 to US$ 0.60 between 2004 and 2014.

Chips that are “cheap as chips” drive the popularization of IoT devices and bring many advantages, which can be applied in health care, market intelligence and increasing industrial productivity. On the other hand, a connected world is a playground for hackers, and hyperconnectivity brings dangers of its own.

Companies are growing more concerned with the question of corporate liability in case of cyber attacks, digital frauds and data breaches. Governance, risk and compliance are, therefore, top concerns in the corporate environment.

According to the U.S. Department of Homeland Security, manufacturing is the second most targeted industry based on the number of reported cyberattacks. Further, cybercriminals view small and medium-sized manufacturers (SMMs) as prime targets because many of these companies do not have adequate preventative measures in place.

The fear of breaches and cyber-attacks is grounded in the financial cost of attacks, which is no longer a hypothetical number. Breaches cause real economic damage to organizations, damage that can take months or years to resolve. According to respondents to Cisco’s research, more than half (53 per cent) of all attacks resulted in financial damages of more than US$500,000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs.

New regulations and norms are expected to solve new problems. As Sofia Ranchordás, Professor of European Law at Groningen University, says: “Legislators — like scientists — can be nevertheless conceived as ‘problem-solvers’ that instead of pretending to know what the world is like based on theoretical knowledge, should also gather information and evidence to support their legislative choices”.

So compliance rules have a special place in this new world, and companies have to be prepared for that.

The global dialogue on cybersecurity regulation is evolving from a conceptual discussion about nation-states’ rights and responsibilities toward an articulation of norms of state and industry behaviour and a legal framework for corporate liability. According to a recent Microsoft report, stakeholders from governments, the private sector, academia, and civil society are putting forward myriad norms proposals, addressing a range of challenges caused by the exploitation of information and communications technology (ICT) systems.

Thus, for a really healthy cyber economy and sustainable development of technology, we have to avoid cyber-surveillance and the misuse of computer science, and punish cybercrimes severely. This will happen through cybersecurity measures, risk assessment, compliance and governance.

The private and public sectors have to work together on new regulations, which will come from both nation-states and public authorities, and a compliance culture will have to be adopted by companies and entrepreneurs.

Joao Paro is a regulatory consultant at Compliance and Risks.

Image: Nick Youngson
