A Cyber Compliance Economy

A recent article from the The Economist on how the Internet of Things (IoT) will change the world is astonishing. According to the report, as microchips become progressively cheaper they are being built in to almost everything.

The decline in prices of a megabyte of data storage is impressive.  In 1956 it would cost around U$ 85,000 (in today’s prices) now it is only U$ 0.00002 and it is decisive for an IoT World. Another example of connected decreasing prices is the cost of a sensor normally used in an IoT device which fell from U$ 1.30 to U$ 0.60 between 2004 and 2014.

The “cheap as chips” generates the popularization of IoT devices and many advantages which can be applied in the health care, market intelligence and industry productivity-increasing.  On the other hand, a connected world is a playground for hackers and we have dangers related to the hyperconnectivity.

Companies are growing more concerned with the question of corporate liability in case of cyber attacks, digital frauds and data breaches. Governance, risk and compliance are, therefore, top concerns in the corporate environment.

According to the U.S. Department of Homeland Security, manufacturing is the second most targeted industry based on the number of reported cyberattacks. Further, cybercriminals view small and medium-sized manufacturers (SMMs) as prime targets because many of these companies do not have adequate preventative measures in place.

The fear of breaches and cyber-attacks is founded in the financial cost of attacks, which is no longer a hypothetical number. Breaches cause real economic damage to organizations, damage that can take months or years to resolve. According to CISCO’s research respondents, more than half (53 per cent) of all attacks resulted in financial damages of more than US$500,000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket cost.

New regulations and norms are expected to solve new problems. As Professor of European Law at Groningen University Sofia Ranchordás, says: “Legislators — like scientists — can be nevertheless conceived as ‘problem-solvers’ that instead of pretending to know what the world is like based on theoretical knowledge, should also gather information and evidence to support their legislative choices”.

So, Compliance rules have a special place in this new world and companies have to be prepared for that.

The global dialogue on cybersecurity regulation is evolving from a conceptual discussion about nation-states’ rights and responsibilities toward an articulation of norms of state, industry behaviour and corporate liability legal framework. According to a recent Microsoft report, stakeholders from governments, the private sector, academia, and civil society are putting forward myriad norms proposals, addressing a range of challenges caused by the exploitation of information and communications technology (ICT) systems. 

Thus, for a really healthy cyber economy and sustainable development of technology we have to avoid cyber-surveillance, misuses of computer science and punish hardily cybercrimes. It will happen with cybersecurity measures, risk assessment, compliance and governance.

Private and Public sectors have to work together on new regulations, which will come from both nation-states and public authorities and a compliance culture wil have to be adopted by companies and entrepreneurs.

Joao Paro is a regulatory consultant at Compliance and Risks       Image: Nick Youngson 

You Might Also Read:

Easy Cyber Knowldege Ch.4 The Internet of Things ( £)

The EU's New Cybersecurity Certification Framework:

 

« Hackers Invade Routers To Steal Payment Card Details
Over 2 Million Magecart Detections »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

SolarWinds

SolarWinds

SolarWinds as a worldwide leader in solutions for network and IT service management, application performance, and managed services.

CCL Solutions Group

CCL Solutions Group

CCL is one of Europe’s leading digital investigation specialists, supporting law enforcement, government and organisations across both public and private sectors.

ACI Solutions

ACI Solutions

ACI Solutions is a managed IT services and network security provider working with diverse global commercial, government and public sector clients.

European Recruitment

European Recruitment

European Recruitment is an award-winning, international recruitment agency specialising in niche technology areas including Cyber Security.

SailPoint

SailPoint

SailPoint provides identity governance solutions with on-premises and cloud-based identity management software for the most complex challenges.

SteelCloud

SteelCloud

SteelCloud has spent the last decade inventing technology to automate policy compliance, configuration control, and Cloud security.

BioConnect

BioConnect

BioConnect provide biometric access control solutions to verify a person’s identity across physical, IOT and digital applications.

Gluu

Gluu

Modern Authentication for Digital Enterprise. Organizations around the world trust Gluu for large-scale, high-security identity & access management.

Inflexor Ventures

Inflexor Ventures

Inflexor Ventures is a technology focused venture capital firm that invests in early stage companies from seed to Series-A+ stages.

RealCISO

RealCISO

RealCISO is a CISO grade cloud platform to help companies understand, manage, and mitigate their cyber risk.

Synamic Technologies

Synamic Technologies

Synamic Technologies was founded in 2018 as a start-up to automate cyber security processes. Our CISOSCOPE product automates vulnerability management, risk management and compliance.

CLEAR

CLEAR

With more than 17 million members and a growing network of partners across the world, CLEAR's identity platform is transforming the way people live, work, and travel.

Atlas Systems

Atlas Systems

Atlas Systems helps companies large and small accelerate their digital transformation journeys – expanding their capabilities and delivering tailored solutions including cybersecurity.

Karthik Consulting (KC)

Karthik Consulting (KC)

Karthik Consulting is a technology service provider specializing in IT services for the U.S. federal government.

Sattrix Information Security

Sattrix Information Security

Sattrix Information Security helps small, mid, and large enterprises in the area of digital transformation with a focus on information security.

Pacific Northwest National Laboratory (PNNL)

Pacific Northwest National Laboratory (PNNL)

PNNL draws on its distinguishing strengths in chemistry, Earth sciences, biology, and data science to advance scientific knowledge and address challenges in energy resiliency and national security.