• About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Privacy Policy
  • Contact us
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • GITEX
  • Digital Magazine
No Result
View All Result
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • GITEX
  • Digital Magazine
No Result
View All Result
CXO Insight Middle East
No Result
View All Result

How Cyber Risks Have Become Business Risks

by CXO Staff
August 1, 2024
in Opinions

Alain Sanchez, EMEA CISO, Fortinet discusses how cyber risks have become integral business risks, necessitating a holistic and strategic approach to cybersecurity involving both CISOs and corporate leadership.

How Cyber Risks Have Become Business Risks

Cyber risk is business risk. Anything that threatens IT threatens the company. We have become extremely dependent upon our digital assets. As a result, business leaders need to realise the magnitude of the change. The essence of what visionaries have shared with me in the last couple of months shows how much cybersecurity is now a permanent topic of discussion among chief information security officers (CISOs) and their corporate leadership.

Assessing Cyber Risks

Perhaps the most crucial role of the CISO is to rank cyber risks by order of actual impact. This requires an equal understanding of business and technology, as well as a sense of how objects that were never designed to be secure behave under attack. It is not an easy task, and not only for technological reasons.

Part of this assessment requires understanding the priorities inside the organisation’s value chain and securing them accordingly. The second challenge is to look beyond the organisation and see how outside forces may impact it. And among these external forces, we find the compliance framework. These new laws and regulations are necessary. They protect human beings, intellectual property, and the ability to invent and innovate. From this perspective, compliance standards are good. However, their demands are increasing daily.

This very duality, good and complex, challenges many IT departments. They must ask themselves: How do we integrate legal considerations into what used to be a pure technological battlefield? The solution is to start from the top. The board of directors should always have this duality in mind. The more directors know about cyber risks and government regulations, the better. Consider the European Union’s Digital Operations Resilience Act (DORA). This legislation is focused on the European banking and financial system. Still, its mindset and practices can be applied outside the financial domain, particularly as risk is a central component of these practices. More than ever, getting your board on board with cybersecurity risk is key today.

Mitigate Risks

In the past, resilience was more of a technical concept. It was about bringing back the servers. Today, it is a legal requirement documented by an auditable plan. We have moved from a series of technical steps to a contractual re-establishment of critical services.

Four types of considerations underpin these plans:

  • Prioritised recovery: A very delicate ranking that can only be established through a regular exchange between the board and the operations team. The board’s sign-off is crucial here. Otherwise, who would ever qualify their own activity as noncritical? However difficult to establish, this ranking is truly a fascinating exercise that brings the CISO and team to the heart of the business.
  • Defending strategies: Assessing the right combination of products, services, staffing, and processes is crucial. Less is more in this matter. After years of accumulation, cyber officers have realised the hard way that a maelstrom of products and vendors was not very efficient. The next era of security will happen via convergence, not addition.
  • Offer options: This is about providing information and an array of solutions in which, ultimately, the board makes the call. It is part of the CISO’s job to offer scenarios as a series of documented steps: investment 1, timeline 1, benefits 1, and risk 1. Then, the CISO can suggest a second and a third sequence of the above. Choosing how to proceed is the board’s job. This way, the CISO becomes an empowered execution lever for a consensual decision instead of being pinpointed as the only one to blame for the results.
  • Executive leadership: The CISO needs to report directly to the CEO, otherwise the job is a “widow maker.” The consequences of unclear or diluted support go beyond the discomfort of the position; the survival of the company is at stake. In 2024 and beyond, submitting cybersecurity to any other consideration than the company strategy is a major governance mistake. Like the Titanic shipbuilders who traded rescue boats for rooms on the sundeck.

Cybersecurity is not only about avoiding icebergs. It is a holistic approach that embraces all the active and passive security dimensions into one integrated platform. Holistic here does not mean monopolistic. Legacy, old-school, best-of-breed, and point solutions are facts of life. However, the number of technologies, vendors, processes, and the magnitude of digital transformations call for simplification. Too often, this maelstrom turns into major incidents that operate as wake-up calls. Then the question is not about the 1 million dollars we did not spend, but about the 100 million dollars we just lost.

Tags: cyber risksFortinet
ShareTweet

Related Posts

Channel Vision Strategy: Empowering cyber resilience
Opinions

What most businesses get wrong about data security

In today's AI-driven world, vast amounts of data are generated daily across industries like finance, e-commerce, healthcare, and government services....

June 11, 2025
Why private cloud matters
Opinions

Why private cloud matters

As digital transformation accelerates across industries, private cloud has become a vital infrastructure model for organisations seeking the flexibility of...

June 9, 2025

Discussion about this post

Latest Issue

Tech predictions for 2024 and beyond

Amazon’s Werner Vogels on how cloud, data, and culture are shaping AI

June 13, 2025
WSO2 acquires API analytics and monetisation startup Moesif

Bold visions, stronger partnerships: AWS co-innovates across the Middle East

June 13, 2025
NTT DATA launches AI-powered SDI services for Cisco products

NTT DATA launches AI-powered SDI services for Cisco products

June 13, 2025

The most trusted source of strategic intelligence for IT decision makers in the Middle East.

About

  • About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Contact Us

Policies

  • Privacy Policy

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f X-twitter Linkedin
Separated they live in Bookmarksgrove right at the coast of the Semantics, a large language ocean. A small river named Duden.

About

  • About Us
  • Site Map
  • Contact Us
  • Career

Policies

  • Help Center
  • Privacy Policy
  • Cookie Setting
  • Term Of Use

Join Our Newsletter

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f Twitter Youtube Instagram

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Join our mailing list
Sign up here to get the latest news, updates and special offers delivered directly to your inbox.
No Result
View All Result
  • News
  • Opinions
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
  • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CX50 Oman
    • CXO50
    • ICT Awards
      • Dubai
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2023
    • All events
  • Videos
  • GITEX GLOBAL
  • Digital Magazine

© 2024 - CXO Insight Middle East. All Rights Reserved.