There's a range of key threats in today's business markets through cyberattacks.
The concept of social engineering, so we read quite often regarding organisations and staff being targeted through emails, those emails look very legitimate if click on the attachment for example, but that attachment is actually a malicious piece of code disguised, that can then cause consequential loss to your organisation systems and data.
So social engineering is a key risk in today's business operations. Organisations are using more and more third parties to support their business operations, which is great from an efficiency perspective and an effectiveness perspective but what assurance do organisations have that those third parties have the right level IT controls in place? The concept of third party assurance is really important in terms of today's modern cyber governance frameworks.
The third risk is the use of open source software. Organisations that are using more and more open source software to support their business operations, which is great from an efficiency effectiveness perspective in terms very economical but that becomes a risk in itself in terms of how do we know what open source software we use in our organisations and how do you ensure that that open source software is updated with the latest security updates. Open source software governance is the third very important component of today's cyber control frameworks.