Getting your Trinity Audio player ready...
|
usinesses must make cyber risk management an integral part of their business strategy so as to match the dynamic and ubiquitous new age cyber risks, Peter Kahiigi, Chief Technology Officer – Centenary Technology Services, has advised.
He was speaking at a PwC Uganda-organised Non-Executive Director (NED) Forum to discuss managing cyber risk in commercial entities.
‘Today, it is easier to steal electronically than it is to break into a bank, as an example, owing to the convenience that comes with digital technologies. Cyber risk management is no longer a practice to be relegated to the back of the room,” Mr. Kahiigi said in his keynote titled, ‘The oversight role of the Board & Non-Executive Directions for Cyber Risk Management’.
‘As a director, you need to link cybersecurity strategy to business strategy. Move away from checklists and quantify IT and cyber risk,’ he added.
Uthman Mayanja, the Country Senior Partner – PwC Uganda, advised the NEDs to, amidst the rush to automate and digitise, equally invest in comprehensively understanding and mitigating the risks involved.
“For most directors, the lines are blurred – a lot of expectation is placed on a director, sometimes without the tools to operate and succeed,” he said, adding: “We like automation and the convenience that comes from it. We don’t bother to understand how the automation happens and its inherent risk. Risk comprehension is important in the rush to adopt”.
The role of today’s Non-Executive Director (NED) is increasingly challenging with economic and geopolitical pressures, ESG concerns, supply chain issues, shareholder activism, demands for talent, loss of trust, technological advances and growing regulatory requirements all adding to the NED burden. At the same time, companies have to look beyond traditional markets for growth, which means that strategy is being set, and decisions are being taken by the Board, in areas with which they may be less familiar.
The PwC NED series aims to support NEDs via a series of briefings, workshops and other one-off events to help address the need to keep up to date with Board issues and to assist directors to respond to the challenges they face. The programme combines the provision of expert knowledge with the invaluable sharing of experiences and ideas with peers.