CIO Cyber & Risk Network May 2019
The Cyber and Risk Network May gathering focused on the following areas:
1. External forces and the impact of changing external obligations. In the finance, critical infrastructure sectors there are specific regulatory obligations that are changing how company directors are viewing cyber risks. Also, as the wider industry becomes more familiar with the Office of the Australian Information Commissioner's Notifiable Data Breach scheme (NDB) we are seeing a similar shift in conversation around PII collection and storage. These external obligations are impacting not only technology and the running of the technology business, but also expecting material shifts in security capability maturity, and also business workflows, oversight and accountability.
2. Some of the security issues they're dealing with, and how their businesses are responding to these; the impact on budgets, training, culture and technology.
3. Culture. The final discussion centred on how they were guiding their organisations to start looking for the secure way of doing work, who was championing these culture change efforts, and surprising wins.