NWTP | Technology Risk Management

Once a minor component of Operational Risk, Technology Risk and its related impacts are now dominant in the global risk mosaic – affecting individuals, enterprises, governments and society. Information and Communications Technology (ICT) risk embodies a more complex, vulnerable Enterprise Eco-system of digital elements (operating within their larger risk-laden Industry Eco-system) than has been considered in traditional Cyber Security analyses. The coming decade will see risk from an expansive portfolio of technologies that includes:

  1. Core technologies that create, manipulate, process, store, communicate or control information, including:
    • Computers – Digital, Quantum, Memory Systems, FPGAs
    • Control Systems – PLCs, Sensors, PID SW, Digital Signal Processors
    • Local and Broadband Networks – particularly Low Latency 5G
    • Cryptography and Data Obfuscation
    • AI
  2. Application technologies and processes employing core technologies to provide or assist enterprise or personal endeavors, including:
    • Supply Chain Management, through which enterprises interact with their Industry Ecosystem
    • Privacy – PII, Enterprise Insider Information, Classified Information
    • IoT – SCADA, PID
    • FINTECH
    • Cloud
  3. Data representing Information artifacts and Real-time Control Signals and their associated Sensor Readings

Eco-systems’ integration of new and emerging technologies, applications and information artifacts, upon which agencies and enterprises rely to operate, creates a real-time, complex “systems-of-systems,” composed of thousands of interdependent components and myriad channels. They operate in a rapidly changing socio-political environment that presents threats from individual, group and state actors with shifting alliances, attitudes and agendas that – once triggered – have a runaway effect with multiple, severe, often irreversible consequences.

We cannot stop all breaches, deter potential adversaries, or afford to fund all needed security protections.

  • Learn to anticipate high-impact emergent threats (skate where the puck will be – Wayne Gretzky) and evolve truly resilient systems (absorb “rope-a-dope” punches and defeat your tired and spent adversary – Muhammad Ali)
    • Model Eco-systems with a wide-angle lens – look at the whole picture from adversary to infrastructure to business unit operations to enterprise exposure to shareholder/stakeholder value and volatility
      • Integrating digital HW/SW behavior models with actors’ behavior models and financial models to uncover systemic risks from propagating
    • Individual tools and model integration methodologies exist for this.
  • Quantify Enterprise Risk consequences in well-understood Financial, Mission and Reputation/Trust terms to enable enterprise risk triage:
    • Among and between high impact and low impact (acceptable) technology risks
    • Among and between technology and non-technology enterprise risks

Author:

  • Bob Gardner, Founding Partner, New World Technology Partners

Compliments of New World Technology Partners – a member of the EACCNY.