The Cyber Harm Model (CHM) is a new approach to cybersecurity that focuses on understanding the diverse and cascading effects of cyber incidents, moving beyond the mere identification of threats. This holistic view is critical in today’s interconnected digital environment where a single cyber incident can have far-reaching and multifaceted impacts.
Implementing the CHM in corporate settings leads to more effective risk management strategies. It encourages organizations to consider not only the direct consequences of cyber incidents but also the indirect and long-term impacts. This results in the development of infrastructures that are more resilient, better stakeholder engagement, and a more nuanced understanding of the cyber risks. However, organizations are facing challenges when implementing the CHM, such as a lack of unanimous consensus on the definition of cyber harm, a lack of empirical research regarding cyber harm and organizational intervention, and difficulties in analysing the indirect and cascading effects of cyber incidents.
In essence, the CHM fosters a culture of cyber resilience that is aligned with the complexities and dynamics of the modern digital world.1 As corporates continue to grapple with the growing sophistication of cyber threats, integrating the principles of the CHM into their cybersecurity strategies is a game changer, ensuring not just compliance but also a robust defence against the evolving cyber landscape.
Challenges for organizations implementing the Cyber Harm Model (CHM)
Comprehensive Understanding of Cyber Harm
There is a lack of unanimous consensus on the definition of cyber harm, and a comprehensive understanding of the entire spectrum of cyber harm is not yet well understood. This poses a challenge for organizations looking to implement the CHM, as they need to invest time and resources in developing a clear understanding of the concept and its implications.
Data Access and Empirical Research
Empirical research and access to reliable data for studying cyber harm is another challenge. There is a persistent lack of empirical research regarding cyber harm and organizational intervention, and researchers face challenges in gaining access to reliable data for studies on cyber harm. Therefore, organizations may encounter difficulties in obtaining the necessary data to effectively apply the CHM.
Interconnectedness and Dependencies
The CHM aims to consider the interconnectedness and dependencies of various systems when assessing cyber risk. However, analyzing the indirect and cascading effects of cyber incidents, as well as understanding the complex network of interconnected entities within the larger operating ecosystem, is a complex task for organizations, requiring a thorough and systematic approach.
Stakeholder Engagement and Policy Development
The established cyber-risk management standards of organizations usually overlook the significance of stakeholders in upholding cybersecurity and neglect strategies for effectively engaging with them. Implementing the CHM requires organizations to prioritize stakeholder engagement and policy development, which can be a challenging endeavour.
At Leverage Experts, we understand the importance of effective cybersecurity risk management and the challenges that organizations are facing when implementing the CHM. Our team of experts assist organizations in developing a unique and dedicated CHM for their businesses, tailored to their specific context and needs.
We support organizations in navigating the challenges of developing a comprehensive understanding of cyber harm, obtaining reliable data, and adopting a systematic approach to assess interconnectedness and dependencies when implementing the CHM. We encourage companies to consult us at Leverage Experts to assist in implementing a unique and dedicated CHM for their businesses. By working together, we help organizations to prioritize their cybersecurity efforts, allocate resources more effectively, and develop human-centric harm mitigation strategies.