We speak with two of EY’s cybersecurity experts James Packer, the board chair of ISC2, and Lutz Naake, a technology risk lead, about how the extent of today’s cyberattacks is not just an issue for IT but a risk to every function in the organisation.
This month, we discuss the evolving landscape of cyber risk management, focusing on healthcare and broader industry implications. James Parker, a cyber professional, shares insights from the 2017 WannaCry ransomware attack on the NHS, highlighting the lack of cyber skills and awareness among staff, and the slow prioritisation of IT projects. Lutz Naake, a partner at EY, emphasises the importance of identifying critical IT systems and implementing proper controls, noting the challenges companies face in cyber risk management. They stress the need for shared language and understanding between cyber professionals and business leaders to effectively manage and prioritise cyber risks. The conversation also touches on the impact of emerging regulations like the EU's NIS2 directive and AI Act on cybersecurity practices.
Get new episodes of Policy & Insights automatically
