The biggest threat to our domestic security could very well be lurking within a computer on your desk. According to the US’s Director of National Intelligence James Clapper, cyber-vulnerabilities are now the number one risk facing the United States and its allies; ahead of terrorism and weapons of mass destruction.
And yet, despite this very real and credible threat, business organizations and institutions continue to take only the bare minimum measures to protect themselves from cyber-risk. As a result, many organizations are woefully unprepared to fend off a cyber-attack.
Some of the biggest brands in North America and the world — Target, Home Depot and eBay — have experienced significant cyber security breaches. However the most vulnerable Canadian companies of all to the threat of cyber-risk are small to mid-sized business, 60% of which have no security strategy in place and no way to prepare their networks to securely support new mobile or cloud-based models.
So, it is not about “if” a data breach will occur in your business. It is simply a matter of “when.” And clearly, we need to devise a better and more proactive way to help businesses of all sizes manage that risk.
In a new whitepaper  by Canadian Centre for Cyber Risk Management (C3RM) Managing Director Doug Blakey and Dr. Ann Cavoukian, Executive Director of the Privacy and Big Data Institute at Ryerson University, the Centre for Cyber Risk Management (C3RM) introduce Cyber Risk Management by Design (CRMbD). CRMbD is a best practices framework for cyber risk prevention, aimed at protecting not only the individuals within an organization, but the organization itself.
Using seven foundational principles, CRMbD introduces a cyber-risk prevention strategy that can be used to:
- protect individuals from personal identity theft; save early-stage companies such as start-ups from losing their intellectual property (IP);
- minimize media embarrassment and financial loss for mid-sized businesses resulting from a cyber-breach; and
- mitigate broad scale risk to enterprises and their trading partners in the event of a successful attack.
Cyber-risk is a significant threat to our personal privacy and business security. However, by changing our mindset and by improving our approach, we can substantially reduce the risk to individuals and to business of all sizes. C3RM’s CRMbD framework sets out a proven and very practical approach for businesses to employ in assessing that risk, and to containing it from the very beginning.
Interested in learning more about the CRMbD framework and how it can help your business minimize cyber-risk? Request a complimentary copy of the whitepaper “Cyber Risk Management by Design” today.
 Worldwide Threat Assessment of the United States Intelligence Community.
Armina Ligaya, “ Canada’s small and medium-sized firms vulnerable to cyber attacks,” Financial Post, December 2014.
 Canadian Centre for Cyber Risk Management “Cyber Risk Management by Design – An Approach for Managing the Privacy and Security Risks Associated with the Use of Cyber Systems”