The Role of IoT in IT Risk Management
The market leader for governance, risk and compliance (GRC) applications—MetricStream—recently conducted a survey to assess the maturity of IT risk management processes, in which over 120 global companies from over 20 different industrial domains participated. Roughly 44 percent of the enterprises opined that IoT had the potential to be a game-changer in combating the top five IT threats namely, malware infections, security breaches, compliance violations and regulatory actions, account phishing, and spoofing of company employees. Participants viewed IoT, followed by cloud, BYOD, fintech, and blockchain as the technologies having the greatest potential in securing the enterprise IT environment. However, it is worth noting that IoT itself is being used for destructive purposes by the cybercriminals. The Mirai botnet that caused extensive damage to the website of American journalist Brian Krebs, or the IoTroop that shares a code base with Mirai are IoT-based. Therefore, the key to safeguarding enterprise environments lies in implementing the best practices for cyber security.
CheckThis Out: Top Risk Management Companies
French Caldwell, chief evangelist from MetricStream, opined that an IT-powered GRC solution could provide risk intelligence on a timely basis, besides automating the workflows. Enterprises have largely moved on to software-based GRC solutions as indicated by the survey, wherein 75 percent of the respondents reported a CMMI maturity level of 3 or higher. However, among the participants from the banking sector, 52 percent admitted to having an IT risk management maturity of level 1 or level 2. This proves to be an area of concern as employees with inadequate training could unintentionally open doors for cyber threats in the banking ecosystem. The fact that account phishing and spoofing feature in the list of threats indicates a need for companies to invest more in training the employees in best practices with regard to combating cyber attacks.
By Tom Conophy, CIO, Staples Inc.
By Joe Touey, SVP, GSK North America Pharmaceuticals IT
By Eric Tamblyn, Global VP-Guru Managed Services, Genesys
By Charlie Isaacs, CTO, IoT, Salesforce
By Jonathan Rosenberg, VP & CTO, Collaboration, Cisco
By Dave Doyle, CIO & SVP, IT, Regal Entertainment Group
By Jeffrey Keisling, CIO and SVP, Pfizer
By Colin Boyd, VP & CIO, Joy Global Inc
By George Hines, CIO, Massage Envy
By Mark Jacobsohn, SVP, Booz Allen Hamilton
By Mike Gioja, CIO and SVP of IT, Product Management and...
By Nathan Johnson, SVP and CIO, Werner Enterprises [NASDAQ:...
By Darrell Edwards, SVP and Chief Supply Chain Officer,...
By Hannah Datz, VP Retail North America, SAP Hybris
By Marc Kermisch, VP & CIO, Red Wing Shoe Co.
By Robert Garrison, CIO, DTCC
By Mike Sakamoto, CTO, California Department of Health Care...
By Bradley Peterson, EVP & CIO, NASDAQ
By Steve Betts, SVP and CIO, Blue Cross and Blue Shield and...
By Kathryn Kai-ling (Ho) Frederick, EVP, Growth & Insights,...