Home Research PapersDue potential risk both from internal and external attacks,

Due potential risk both from internal and external attacks,

Due to the increasing dependence of digital
teachnologies to conduct operations, cybersecurity became important due to
cyber risk or incidents. Cyber risk a company may face includes remediation cost
for stolen assets or information as well as the repair cost of system damage
that may have been caused, an increase it budget on cybersecurity, lost revenue
from unauthorized use of proprietary information, litigation and most
importantly reputation damage that deters customers or investors.


Since 2011, the Security and Exchange
Commission (SEC) has established the CF Disclosure Guidance: Topic no.2 to make
companies disclose their obligations relating to cybersecurity risk and cyber
incidents, the third line of defense from cyber attacks have fallen to the
hands of internal audits. As an internal audit, several responsibility that is
given includes working with management and board of directors to develop cyber
security strategy, improving the company’s resistance to potential risk both
from internal and external attacks, keeping a current understanding of potential
cyber risk and make sure everyone is highly engaged due to the everchanging
nature of cyber risk, make sure the number of personnel working on
cybersecurity is sufficient and evaluate the cyber security program with the
NIST Cybersecurity framework, ISO 27001 and 27002 and disclosing event of cuber
incidents at a timely manner.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now


However, due to the aforementioned
everchanging nature of technology and cyber risk, it is hard to stay in the
arms race. In June of 2017, a global ransomware attack happened and due to
being a new type of malware, it remain undetected when the malware enters the
system. So I think using AI through the process of machine learning, it can
help identify the security risk. As Simon Crosby from Bromium said, the AI is
not going to be perfect, but it can help to reduce the burden placed on internal
auditors on cybersecurity, since they learn from previous attacks and identify
the holes in the cybersecurity.


I'm Alfred!

Would you like to get a custom essay? How about receiving a customized one?

Check it out