The Federal Office for Information Security (BSI) and the Internet Security Alliance (ISA) have jointly developed a new manual on cyber security for management, which aims to promote the importance of IT security at the management level and integrate it into the risk management strategy. The manual, entitled “Management of Cyber Risks,” is updated and now contains six major principles.
One of the key sections of the updated manual is the description of a corporate culture that takes IT security into account throughout, which increases the resilience of the company. This section outlines how managers can encourage employees to incorporate cyber security practices into their daily work.
Another new addition to the manual is the BSI toolkit that accompanies the handbook. This toolkit illustrates the principles of the manual with guidelines, making it easier for businesses to implement the recommendations.
The BSI emphasizes that IT security officers require adequate support from the executive floor to ensure that the organization remains secure. The executive team must also develop a clear understanding of the cyber threat situation.
According to Larry Clinton, President of the ISA, organizations that utilize the manual can expect an 82 percent reduction in cyber incidents without increasing costs. The ISA collaborated with the World Economic Forum and the Massachusetts Institute of Technology (MIT) to develop the study, which highlights the importance of manuals like “Cyber Risk Management.”
The manual emerged as part of the Alliance for Cyber Security and is available on the Allianz website for download. By encouraging organizations to adopt a corporate culture that prioritizes IT security, the manual aims to increase the security of businesses and reduce cyber incidents.
