The Chief Executive Officer of CWG PLC, Mr. Adewale Adeyipo has urged senior-level executives to develop what he called “cybersecurity readiness”, stressing that cybersecurity is now a culture which must be entrenched into an organization as safety, quality, ethics and compliance has been.
Mr. Adewale, while making a presentation at the Director and Future of Business webinar with the theme ‘Cybersecurity & AI’ last month, also posed some key cybersecurity readiness questions for senior leadership in all organizations, both in the private and public sectors.
Some of these key cybersecurity readiness questions are as follows;
1. Do you secure suppliers, acquisitions, business partners, and customers with the same rigour as you secure your enterprise?
2. Are the users of your cybersecurity tools properly trained on how to get the best results from them?
3. As a business enabler, have you integrated cybersecurity into your business strategy so that your business can safely and securely innovate and grow faster?
4. Do you have comprehensive written plans in place for incident response, business continuity and disaster recovery?
5. Do you regularly practice executing these plans?
He stated that until business leaders find answers to these questions and regularly practice them, managing cyber attacks, which has become a regular occurrence in the corporate world, would become very difficult.
“Upgrading your security is important, but there will always be vulnerabilities,” he stated, stressing that all vulnerabilities are not the same.
Thus, there is a need to address managerial, organizational, and strategic aspects of cybersecurity by leaders and decision-makers.
Meanwhile, as part of the effort to safeguard the workplace, the CWG Boss has urged senior business executives to develop a cybersecurity framework, as hackers are getting better at offence while companies aren’t getting better at defence.
The framework, according to him, includes developing an organizational understanding of cybersecurity risk, developing and implementing the appropriate safeguards.
“Organizations should be able to develop activities to identify the occurrence of a cybersecurity event, develop activities to take action on a detected cybersecurity event and develop plans to restore capabilities impaired due to a cybersecurity event,” he added.