Artikkeli
Demystifying Cyber
Episode 4
Cyber impacts on us all. For most non-cyber leaders, cyber remains a mystery. While the risk of threat may be recognised, the impact is often hard to understand or appreciate. Deloitte’s podcast series, Demystifying Cyber, attempts to demystify cyber for business executives and senior leaders.
In this episode, we sit down with Pauliina Hartikainen, Head of Cybersecurity Culture and Awareness at KONE, and host Karthi Pillay, Cyber Risk Leader at Deloitte.
Demystifying cyber is a marathon rather than a sprint, and as a long-distance runner Pauliina understands how much stamina is needed for both. For her, building cybersecurity resilience is a journey that requires ongoing effort, a clear mission, and actionable goals. When demystifying cyber to business leaders, Pauliina emphasizes the importance of listening, speaking in their language and making the topics relatable.
Key takeaways:
- Demystifying cyber does not start nor end with cyber. It's important for cybersecurity professionals to really listen to and understand the business they're protecting and translate cybersecurity into the language of the business. By doing this, they can help the business see the relevance of cybersecurity to their daily operations.
- Cybersecurity is an ongoing journey, not a destination. Before businesses can use cybersecurity as a competitive advantage, they need to have the basic building blocks in place and understand where their journey should be heading. Only then can they start to think about how cybersecurity can transform from a hygiene factor to a new business opportunity.
- Cyber is everywhere. In today's world, cybersecurity is deeply embedded in geopolitical, economic, and other ongoing events impacting the business. However, it often goes unnoticed until something goes wrong. Cybersecurity professionals have the important task of making sure that cybersecurity is visible to the business, while also recognizing that executives have many competing priorities to manage. To achieve this, it's important to provide business executives with timely and relevant information about cyber threats and events, while emphasizing how these events are impacting the business.
- Building a cybersecurity culture doesn't mean making everyone a cybersecurity expert. Cybersecurity professionals need to make cybersecurity tangible for the business while being proud of their expertise in the field. This means breaking down the mystique around cybersecurity and making it more accessible to non-experts.
- To maintain cyber stamina, cybersecurity topics need to stay relevant. This means tying cybersecurity into topical events and communicating it from a business perspective, rather than just a risk perspective. By doing this, businesses can stay ahead of emerging threats and maintain their cybersecurity posture.