Chief Information Risk Officer at Silicon Valley Bank, serving some of the world’s most innovative companies and their investors.
Even as the world goes through stark and unpredictable changes, there are foundational principles of information risk management that continue to hold true. One of those tenets is that data is often free and easily shared. Another is that all code will inevitably contain errors that manifest as software bugs, which will also proliferate.
When it comes to cybersecurity, the efficacy of controls always degrades over time. You might put a perfectly-engineered risk management system in place today, but if you don’t actively cultivate it like an organic, living garden, entropy will eventually set in. When entropy takes hold, it creates technical debt, whereby the longer an organization operates, the more risk it incurs through aging technology that must be patched or replaced.
This means that organizations need to