Dynamic cyber-threats, evolving regulatory enforcement, and continuous technological advances portend that every company should expect investigative scrutiny of its technological risk management processes. Implementing technical measures is not enough. Compliance executives must design programs and implement protocols to proactively identify and manage the enterprise risk posed by data theft and economic espionage.
Organizations with valuable intellectual property, sensitive data, and novel technologies face an unprecedented technological risk landscape. Sophisticated hackers, often sponsored by foreign governments, can target any organization. The Cyberspace Solarium Commission warned that “our adversaries have developed new tools that hold data and essential information systems at risk [and] … enable more sophisticated cyberattacks at greater scale, for lower cost, and by a host of capable adversaries.”
