…the most important step is the most obvious and fundamental one: understanding the threat in a comprehensive, serious manner. Every member of a board or executive suite is duty bound to protect the institution against material risk, whether they currently possess particular expertise or not. And yet, how many companies have a concrete plan in place to deal with a hack? How many conduct independent audits of their cybervulnerabilities? The answer, many in my position fear, is too few.
Some say we are outgunned. But in my view, it is less a matter of being outgunned than being simply outdated ”” in our thinking and in our vision. Yes, there is an army of computer saboteurs, spies, thieves and nihilists who wish to do us harm. But we have an army, too, or at least the makings of one, which can draw from the best of law enforcement, intelligence, business and academia.