Nearly 500 years ago Nicolaus Copernicus published a theory that turned the world on its head. He proposed that the sun was as the center of the universe, and that the earth was a planet revolving around the sun. His heliocentric theory met with abundant skepticism, for it flew in the face of accepted scientific and religious beliefs. Copernicus was not the first to advance the theory that the sun was at the center of the universe, but his rigorous modeling made refutation more difficult, and ultimately changed the way we view the universe.
Those who cause us to look at the universe differently provide a great service, even if they do not offer the contribution of a Copernicus. In that vein I give you William H. Saito, Special Advisor to the Cabinet Office for the Government of Japan, and Vice Chairman for Palo Alto Networks Japan. Writing in Forbes, Mr. Saito suggests that far too many corporate executives and boards of directors tend to view cybersecurity as costly, complex, inefficient, and a damper on productivity. Instead, he advocates seeing cybersecurity as a profit center, in which holistic cyber solutions are used to reduce costs and increase efficiencies.
One point Mr. Saito makes is particularly salient. He notes that cybersecurity cannot be viewed simply as an IT issue. “It’s another form of risk that happens to cut across every organization. It’s also a board issue and a critical priority for management as well as shareholders. That’s an important point to make when it’s shareholder meeting season, as it is now here in Japan. Investors should be asking their companies what their cybersecurity policy is in terms of its defensive position, breach response protocols, resilience and governance and business continuity. They should also be asking how their company is using cybersecurity as an opportunity to enhance resilience, increase productivity and efficiency and what related products or services they are rolling out.”
Looking at cybersecurity as a profit center is an interesting concept. While it may not have the lasting impact of the heliocentric theory, it does offer a useful reminder that examining our beliefs can lead to progress. There is some evidence that a growing number of corporate executives are seeing cybersecurity as a way to gain competitive advantage, a claim that could turn the world of cyber risk management on its head.
By Tom Davis, SDI Cyber Risk Practice
July 5, 2016