In daily life as an individual, you rely on others – from neighbors to police to lawyers and judges to armed forces – for protection against threats of all kinds. At the same time, you also bear responsibility: the more careless or inclined toward risk you are, the less secure you become.
In a recent interview for a technical blog, I mentioned that I heard keynote speaker former U.S. Attorney General John Ashcroft (at the 2016 Securities Industry and Financial Markets Association’s (SIFMA) Internal Auditors Society conference) reference that organizations should prepare to adopt what he called “anticipatory compliance.” This concept involves outsourcers being able to demonstrate that they are actively anticipating, studying and acting on perceived threats (cyber and otherwise) both internally and with their outsourced business partners.
Cyber-attacks have topped the list of biggest threats to business for the second year in a row, followed closely by data threats and an unexpected IT/telecoms outage – according to the fifth annual Horizon Scan Report published by the Business Continuity Institute (BCI) in association with BSI (British Standards Institution). As these threats, coupled with a challenging and ever-changing business environment plague the worried minds of MDs and IT practitioners, it seems only feasible that companies would act quickly to prepare themselves for a disruption.