“One way for businesses to recognise developing threats is to get closer to international organisations, governments, or the think tank community that are in the business of strategic forecasting and predicting the interactions of elements that can produce a security crisis,” read a post by NATO deputy assistant secretary general for emerging security challenges Jamie Shea on the Federation of European Risk Management Associations (FERMA) website.
He said many of these organisations not only publish their forecasts but are also keen to establish partnerships that will facilitate sharing of analyses and methodologies. NATO, for instance, is into intelligence exchange and data fusion.
Shea added: “Private companies own and operate 90% of information technology networks, so they are often in the lead for early warning, threat assessments and analysis, and the innovative ideas that can help us achieve a more secure cyber space.”
Real-time information, according to him, is shared by NATO through a dedicated malware information-sharing platform established with industry partners. “We would also like to see processes for this type of information sharing included in the cyber risk governance structures of business,” he said.
For Shea, instead of ‘building walls’ around data, risk management models should enable proper assessment of the value of different types of data in order to come up with the appropriate protection.
Catastrophe aggregation a hot topic at inaugural conference
Willis Re sheds light on rise of “silent cyber” exposure
Sharing can go a long way when it comes to risk management, and a NATO official believes risk managers can learn from those in the strategic forecasting space.