
Partner Ecosystem
Explore CGI's partner ecosystem to find solutions to today's challenges
Explore CGI's partner ecosystem to find solutions to today's challenges
Leaders are embracing new ways of thinking and working not ...
How clients create value during a time of unprecedented change
CGI is a proud sponsor of The Global Treasurer’s Transaction ...
This report presents executive insights on evolving priorities in the ...
The 2019 CGI Client Global Insights present the findings from ...
CGI UK President Tara McGeehan explains how women have shaped ...
Technical literacy, community well-being and environmental sustainability are the priorities ...
The sophistication and persistence of cyber-attacks are driven by the attractiveness of an organization’s role and assets. Often they are conducted by highly skilled international organized crime groups or foreign nation states that aim their attacks not just at government entities, but also at corporations, including those with large-scale financial and credit card assets and foreign investments, and those in the strategic resources sector.
These sophisticated threat actors seek to exploit a range of weaknesses in the target environment—weaknesses that proliferate as customers, citizens and institutions become increasingly digital. In CGI’s experience, these weaknesses or gaps are found not just in technology, but also in procedural safeguards or vulnerability management practices. The best technology in the world, if poorly applied or employed, cannot provide a sufficient defense against such threats.
Too often we see organizations implement technical security safeguards, but fail to implement proper security policies or procedures. As a result, weak practices persist that undermine security and expose assets to significant risk. The reverse is also true and may pose an even greater threat. Leaders in organizations may be confident that they have defined security policies and standards, but are unaware that, in actuality, those policies and standards have not been implemented consistently within the enterprise. In either case, this is an uncontrolled risk for which they are accountable.
Adequate security and governance of information assets no longer can be achieved on an ad hoc basis, nor addressed by technology alone. A holistic approach is needed that applies effective risk management and good governance throughout the organization, with the key values of visibility, accountability and responsibility exercised at all levels.
Based on working with clients across various industries, we’ve developed 10 measures for good IT security governance to help organizations better manage risks and achieve security resilience while they reap the benefits that will come from their digital transformation:
I invite you to read more on this topic in our white paper on IT Security Governance.
Burns has more than 30 years of experience in IT and security working with government and industry clients. Projects have included IT security, policy and planning, risk and threat policy analysis, command and control, technical assessment and evaluation, knowledge interfaces, and business performance considerations. He ...
October 20, 2020 In the new normal, education is key to helping people understand emerging cyber threats. While they juggle work and life at home, we need to support individuals by providing the ...
Digital transformation, also referred to as Industry 4.0, smart industry and smart manufacturing, has risen to the top of the C-level agenda. This transformation is driving innovation in new products ...
In 2020, we met with 1,447 business and IT executives across banking, communications, government, health and life sciences, insurance, manufacturing, oil and gas, retail and consumer services, transportation and logistics, ...
Add new comment
Blog moderation guidelines and term of use