Risk management has the potential to be only reactive, directed by a belief that a risk must exist for it to be contained, minimized, or offset. Yet, good risk management tools and processes tend to be expansive, flexible, and forward thinking, meaning that solutions can be in place ahead of a threat emerging.
Such contingencies are easiest to incorporate when risks evolve slowly and predictably. Cyber risks tend to do neither. The frequency of cyber threats, the paths that they travel, and the size of their potential impact have all multiplied, often unpredictably, in recent years. That has left mitigants, including security systems, staff training, and insurance, often playing catchup.
To cope with this dynamism, S&P Global Ratings believes that organizations need to recognize the evolving nature of cyber threats and embed in their risk management frameworks cyber security policies and practices suited to that challenge. That is a theme that runs throughout this compilation of recent articles which provide our insights into cyber risk.
Read on to learn more.
This report does not constitute a rating action.
