Information Risk Management Best Practices in an Emerging Technological Landscape

From CEOs to college students, cybersecurity is on everyone’s radar; and cyberattacks aren’t disappearing anytime soon. For businesses, these incidents are inevitable. It’s not a matter of if a breach will occur but when. Therefore, it’s critical that companies continuously evaluate their cybersecurity tools and processes to help prevent, detect and manage the repercussions of a cyberattack. However, it’s understandable how many business decision makers get overwhelmed at the prospect of implementing IRM policies and investing in solutions. The types of cyberthreats they are aiming to prevent are varied and ever-changing and cybersecurity software options are seemingly endless. 
Too often, as a result of incorrect or insufficient information, businesses either forgo cybersecurity entirely or they select the newest, shiniest tool because “it has to be the best.” The truth is, from blockchain to artificial intelligence (AI) to machine learning and beyond, not all new technology will suit every business or mesh well with current cybersecurity measures. The first step is understanding technologies beyond the hype.
There is a lot of confusion surrounding AI and machine learning/robotic process automation (RPA). The two may seem similar but are actually very different. The true definition of artificial intelligence is the ability of a computer system to perform tasks that normally require human intelligence, such as visual perception, speech recognition, decision-making, and translation between languages. On the other hand, RPA is defined as a computer system replicating tasks that a human being would normally do, similar to a sophisticated macro like those found in Microsoft Word or Excel. Companies use RPA for its various applications, like automating administrative tasks to providing call center-like services.
Another common buzzword these days is blockchain. In terms of widespread adoption, blockchain, an emerging technological advancement, is still in its infancy stages. The most popular and well-known use of blockchain is related to cryptocurrencies where blockchain is used to maintain a public transaction ledger. Bitcoin for example, is a cryptocurrency, which can be exchanged directly between two people without involving any third party, i.e. a bank. Bitcoins are created on a blockchain and stored in a virtual wallet.
Any developing technology can be paired with cybersecurity risks. AI, RPA, and blockchain are no exception. All have associated information security risks. For example, cryptocurrencies have been stolen from the virtual wallets by hackers who can never be found. However, it’s not all bad news. These technologies have proven useful in protecting against cybercrimes and governments are even using a few as part its extensive cybersecurity strategy. The trick at this stage in their development is to objectively evaluate how the use of AI, machine learning, blockchain or any combination of the three may fit into your cybersecurity needs. Don’t hesitate to consult a trusted IRM advisor before moving forward with a major investment in new protective tools and software to ensure that these solutions meet the unique cybersecurity needs of the business, are safe and reputable, and are in compliance with any relevant regulations. 
This article was written by John Roman,  the Chief Information Officer at The Bonadio Group, an independent firm associated with the Moore Global Network. © 2019. All rights reserved. Used with permission.