OEC
processes like governance and access reviews but also the integration of cybersecurity into existing workflows , such as the procurement process , to safeguard against supply chain attacks .
“ Our holistic approach ensures that all facets of our organisation are fortified against cyber threats , recognising the importance of bringing technology , people , and processes together within the programme .”
Innovative cybersecurity governance at OEC Establishing robust cybersecurity governance is a cornerstone of OEC ’ s cybersecurity programme . Cybersecurity governance defines accountability , responsibility , and oversight to ensure that cybersecurity risks are known and adequately mitigated . OEC ’ s approach to cybersecurity governance includes four elements :
• Establishment of Owners : Ownership of cybersecurity aligns with the operational accountability of each company within OEC , ensuring a tailored approach to cybersecurity risk management .
• Risk-Based Decision Making : OEC makes cybersecurity decisions based on risk assessment , ensuring resources are allocated to address the most critical risks effectively .
• Well-Defined Roles and Responsibilities : Clear roles and responsibilities for cybersecurity are defined and assigned , leaving no room for ambiguity .
• Measuring and Reporting on Cybersecurity Risk : OEC continuously monitors and reports on cybersecurity risk , allowing for proactive adjustments to their cybersecurity posture . These measures are indicative of OEC ’ s commitment to maintaining a high level of cybersecurity governance across its diverse range of companies and industries . “ Given that OEC consists of a group of 16 operating companies in a variety of industries , an adaptive cybersecurity governance approach was established to address the unique needs and risks of each company ,” Elsohemy explains .
Challenges in cybersecurity and their solutions Like many organisations today , OEC faces its fair share of challenges when it comes
technologymagazine . com 303