Why Is Cyber Risk an Issue?

Abstract

The question “Why is cyber risk an issue?” pinpoints the leadership challenge that cyber risk poses. The chapter begins with a WannaCry case study that demonstrates how cyberattacks can impact every aspect of organizations given the pervasive nature of digital systems. The chapter describes how leadership must address cyber risk by analyzing the organization’s unique threats, its vulnerabilities, and the impact an attack can have on the organization. It describes how mitigation measures minimize cyber vulnerabilities and maximize an organization’s ability to respond to cyberattacks. It emphasizes that leadership must strategically manage cyber risk through carefully selected mitigations. This chapter introduces how an Embedded Endurance cyber risk strategy offers a systems-level approach to mitigating cyber risk by addressing interdependent components of the organization’s risk and preparing for the inevitability of cyber threats over the long term, and details real-world Embedded Endurance cyber risk strategy experiences.