Capital market stakeholders across the spectrum are as primed as ever to take action on an issue that affects us all: cyber-security. Fifty percent of U.S. chief executives say they are “extremely concerned” about cyber threats, according to a recent survey by PwC. Boards of directors are engaged on the issue, while investors overwhelmingly perceive cyber-security attacks as one the biggest risks to their portfolios. For policymakers at home and overseas, cyber-security continues to climb the list of priorities.
This rising cyber-awareness is necessary and fitting, given the urgency of confronting cyber-security threats and the astonishing aggregate cost of today’s cyber-attacks. Yet, as momentum picks up, we must carefully consider our overall approach to cyber-security risk management—there are several possible paths ahead. Moreover, cyber-security is particularly challenging terrain, given its complex and shifting nature. Organizations face varying threats and actors, all in the context of relentless and rapid technological change.
