|

Trinidad Cyber Breaches: A Lack of Effective Risk Management

When will “lessons learned” form part of the decision-making process?

Risks eventuated because of these breaches are as follows but not limited to: Communication risks, people risk, risk culture, enterprise risks, Operational risks, IT risks, Cyber risks, and financial risks = Reputational risk

Many (definitely not all) of the leaders of institutions either don’t seem to know the full range of the impact/probabilities of the risks they are exposed to, or if they do know, it appears they are ambivalent or worse, don’t care. One reason might be that they don’t have any “skin in the game.” There are no consequences to their inactions, no accountability. Some may even believe they are all-knowing when they should endeavor to be all-learning. (no Intellectual humility)

Perhaps we should focus more on the philosophy that “an amateur practices until they get it right; a professional practice until they can’t get it wrong,” as the great Julie Andrews quotes. Unfortunately, the current poly-crises environment we are working/living in does not allow for a deep learning curve or more practice sessions. Having said that, I was told by some colleagues that some leaders need time to understand cybersecurity and other business risks that they are exposed to and that it is a “marathon and not a sprint.” Folks, in my respectful view, this is the wrong approach; institutions do not have the luxury of time on their side, risks are not static or will wait on a “marathon”: the velocity of risks is such that it is, in fact, a sprint. Furthermore, risks are too interconnected, volatile, uncertain, and hyper-connected to have a “marathon” mindset.

My Apologies: I have taken a point of privilege to vent, but I believe we will see many more of these massive negative disruptions unless and until the “behaviour” of leaders and decision-makers changes.

#cobra effect, #dunningkruger, Schrödinger’s cat paradox, #upksilling, #unlearning, #newthinking, #normaliation of deviance, #leadership, #riskmanagement

Similar Posts

|

What Risks Precede a Cyber Attack?

ByKen Hackshaw

Cyber attacks have resulted in significant consequences for organizations of all sizes and sectors in the Caribbean, and it is essential to be aware of the risks that can precede them or risks that can act as  “risk sources” for a cyber attack. One of those “risks” that has been identified as a possible major source is that of work…

|

Artificial Intelligence and Risk Management: How Prepared Are You?

ByKen Hackshaw

Did you know that: According to NIST: AI systems are inherently socio-technical in nature, meaning societal dynamics and human behavior influence them. AI risks – and benefits – can emerge from the interplay of technical aspects combined with societal factors related to how a system is used, its interactions with other AI systems, who operates it, and…

|

Cyber Risk: The “Little Spoken of” Risk to the Caribbean and its Institutions

ByKen Hackshaw

As noted by industry specialists and practitioners, Latin America and the Caribbean (LAC) has become a new frontier for cyber-attacks and crime at an estimated cost of around US$100 billion per year. (IDB 2017 report) The Cipher Brief, a digital, security-based platform that connects the private sector with the world’s leading security experts, recently noted that…

|

Managing Cybersecurity Risks: The Value of Enterprise Risk Management

ByKen Hackshaw

“The Office of the Attorney General and Ministry of Legal Affairs (AGLA) (Trinidad and Tobago) has detected a cyber-attack on its network. In a media release yesterday, The Ministry of Digital Transformation said that “This unauthorized and illegal access has negatively impacted operations at the AGLA and certain associated Divisions. Having taken actions to minimize…

|

Global Cyber Breach: The Need to Manage Vendor Risks, People Risks and More…

ByKen Hackshaw

Several US federal government agencies have been hit in a global cyberattack by Russian cybercriminals that exploits a vulnerability in widely used software, according to a top US cybersecurity agency. Aside from US government agencies, “several hundred” companies and organizations in the US could be affected by the hacking spree, (according to a CNN report). Since late last month,…

|

FTX Bankruptcy: Are You or Your Company Impacted?

ByKen Hackshaw

FTX Trading filed for Chapter 11 bankruptcy last Friday capping a sudden and startling downfall for one of the world’s largest cryptocurrency exchanges and founder and CEO Sam Bankman-Fried has resigned from the company as its CEO. Admittedly, I am no “friend” of cryptocurrency exchanges for reasons I will explain under separate cover at another…