|Research report from ASIS Foundation and University of Phoenix declared that cyber-security would rank as top security risk for next five years|
Check out the research available from the ASIS Foundation. It is proving to be right on the button.
When the Guardians of Peace hacked Sony Pictures Entertainment late in 2014, they crashed the studio’s email, leaked films and scattered personnel data across the Internet.
By mid-December, four class-action lawsuits had hit Sony, claiming that the company had not taken adequate cyber-security precautions.
How about your company? Are you prepared to withstand a cyber-attack? Are you at least worried? If not, you probably should start to worry.
In August of last year, a prescient research report from the ASIS Foundation and the University of Phoenix, “Security Industry Survey of Risks and Professional Competencies,” declared that cyber-security would rank as the top security risk for the next five years.
The ASIS Foundation is a non-profit arm of ASIS International. It awards scholarships to students pursuing a career in security management and conducts high-quality contemporary research designed to serve the security profession.
The University of Phoenix takes an interest in security through its College of Criminal Justice and Security.
“The ASIS Foundation and University of Phoenix have been doing great work,” said Dave Tyson, CPP, CISSP, president of ASIS. “On the research side, they produce crisp academic studies with conclusions that make sense.”
The “Survey of Risks” interviewed 483 respondents carefully selected from 1,800 ASIS members who indicated an interest in participating in the survey.
The 483 respondents ranked the top enterprise security risks for the next five years as: cyber-security, crime, mobile technology, natural disasters, and globalisation.
The report pointed to cyber-security risks from organized external groups, such as the Guardians of Peace, rogue hackers, terrorists or internal personnel with criminal intentions.
Crime risks, as always, arise from theft, fraud and violence from inside and outside of organizations.
The proliferation of mobile technology, of course, poses risks to proprietary data.
The increased frequency of natural disasters such as floods, earthquakes and wildfires is creating ever-greater risks.
Finally, the globalisation of commerce gives rise to physical and intellectual property risks related to geopolitical conflicts.
The respondents also ranked 22 core competencies considered critical to responding to these risks. Topping the list of competencies are decision-making, oral communication, anticipatory thinking, maximising the performance of others, collaboration, self-regulation and persuasive influencing.
The ASIS Foundation and University of Phoenix conducted a similar survey in 2013 and came away with similar results. The same five risks topped the 2013 list. Cyber-security topped the list back then as well, although the other four were in different order. Mobile technology risks, which might be considered a category of cyber, ranked second in that survey.
Globalisation, natural disasters and crime, in that order, followed.
The 483 respondents ranked the top enterprise security risks for the next five years as: cyber-security, crime, mobile technology, natural disasters, and globalisation
The 2013 survey also cited a similar list of competencies: enterprise risk management, business and financial management, diverse leadership and communication skills, anticipatory and strategic thinking and technological knowledge and ability.
Both reports recommend viewing the top competencies as a way to guide training and educational efforts for individuals preparing for careers in security.
The competency rankings can also provide a frame of reference for personnel decisions.
Moving forward, the focus of ASIS Foundation and University of Phoenix training is shifting, according to ASIS President Tyson. “The next step is to develop a career ladder for security professionals,” he said. “If you are a security officer today, what is the next position up the ladder for you? If you are managing a guard company, today, and you want to become a chief security officer, what are your next steps? This is the Foundation’s focus now.”