Open/Close Menu CGOC is a forum of over 3400 legal, IT, records and information management professionals from corporations and government agencies. For over a decade, CGOC has been advancing governance practices and driving thought leadership across the industry.

10 Critical Steps to Create a Culture of Cybersecurity

by Edward J. McAndrew

Businesses are more vulnerable than they need to be. Here's what you can do about it.

Despite constant headlines about cyber attacks, organizations continue to leave their systems and data unnecessarily vulnerable. Cyber incidents result in the loss of reputation, enterprise value, and jobs, not to mention regulatory fines and civil litigation. According to Kaspersky Labs and the Ponemon Institute, 90% of businesses have experienced a cyber attack, with an average cost per breach of $3.6 million. Ponemon estimates that 27.7% of organizations surveyed will likely suffer another material breach within the next two years.

Although eliminating all cyber incidents is impossible, a "unified governance" approach that combines security with data management and information governance (IG) can help create a business culture that promotes a strong defense.

Click here to read about the 10 steps you can follow to create a culture of cybersecurity.

The passage is excerpted from a July 26, 2017, article on the website Dark Reading, written by Edward J. McAndrew, Partner & Co-Chair, Privacy & Data Security Group, Ballard Spahr LLP, Faculty Member of the Compliance, Governance & Oversight Council (CGOC).

CGOC focuses on the importance of information lifecycle governance to mitigate risk, reduce cost and increase the value of information. Join our community today to learn more.