+27 11 475 2407


Companies of all natures, shapes, and sizes are at risk of cyber threats and crime. No organisation is immune to cyber-attacks, which are increasing in frequency and sophistication all the time. However, the risks to which companies in different industries are vulnerable can vary, and a specialised, industry-specific risk management approach will always trump a generic one when it comes to efficacy and efficiency.

Governing Industry-Specific Cyber Risks

“Certain sectors are particularly vulnerable to cyber-attacks. The level of risk to which a business is exposed is directly related to the potential returns that cybercriminals can reap with a tolerable amount of effort. They won’t apply the same effort to attacking a restaurant as they would to a financial institution that keeps sensitive information and money. A company’s risk management approach must not only be industry-specific but also curated according to the specific risks the business faces, as well as its risk appetite.


While the principles of IT governance are largely generic, the interpretation and focus will differ between verticals because the operating landscapes are different.


“Similarly, while the principles of IT governance are largely generic, the interpretation and focus will differ between verticals because the operating landscapes, which include market dynamics and legislation among other things, are different,” says Charl Ueckermann, CEO at AVeS Cyber Security.

>> Read what other industries are doing: Productivity and innovation in modern manufacturing calls for better risk management

Industries Leading The Change

The Financial Services Industry

Specific verticals are under higher pressure than others to implement focused risk management tools in line with good governance principles and to ensure compliance with legislation. The banking and financial services sector must meet customer demands for innovative services and solutions as well as personalised services while at the same time protecting their data and sensitive customer information from attack.

The Telecommunications Industry

Telecommunications companies, such as internet service providers and mobile operators, are also under increasing pressure to implement robust measures to protect the vast amounts of sensitive data that is stored and transferred on their infrastructures. Even the retail industry has had to adapt risk management approaches to evolving threats. They process payments on Point of Sale (POS) systems that are often unprotected, transfer large sums of money, and store and process sensitive customer information, such as banking and card information, which are all areas that can lead to higher risk profiles. In providing online shopping services, they also process online banking and card transactions.

The Retail Industry

“The retail industry looks vastly different from what it did ten years ago. Cyber security and risk management procedures must be cognisant of threats arising from ‘bricks and mortar’ as well as online services, both of which demand a highly-personalised customer experience,” says Ueckermann.


Any organisation that takes a more mature, predictive approach to cyber risk management will have more time to spend on customers and innovation. Ultimately, they will be more competitive, trusted and profitable.


The Future of Cyber Risk Management

Ueckermann expects the transition to industry-specific cyber security and risk management to continue gathering momentum. Business processes, skills, and technologies will have to be adapted to support this transition.

“Certainly, businesses across different industries face similar challenges when it comes to cyber risk management. However, an intensive understanding of the specific issues facing companies in vertical industries is becoming more crucial for addressing unique cyber security needs.”

Unexpected Cyber Security Providers

Following the shift towards specialised cyber security, there is a growing number of entrants into the cyber security market. Of the new vendors entering the scene, some are unexpected newcomers offering cyber protection services as part of their portfolios.

 “Take some of the biggest insurance companies in Africa, for example. Insurance organisations are now providing cyber security protection to their customers, which includes licensed security software and predictive monitoring, as part of their cyber insurance solutions. Would you have imagined ten years ago that an insurance company would be providing cyber security solutions as part of their offering?”

>> Further reading: Cyber insurance is your companies’ double-layer safety net


All of this indicates that there is increasing consciousness amongst companies and vendors alike of the need to hone cyber security and risk management approaches to address industry-specific challenges.



He concludes saying that while there will always be a need for horizontal cyber security solutions, specialised industry-specific approaches to risk management are becoming imperative for preserving lower-risk profiles within verticals.

“The search is heating up for industry-specific cyber risk management solutions.”

>> Read also: Top six cyber security trends to watch in 2020

Do you like this article? Sign up to receive updates of new articles like these straight in your email inbox >>

Start Managing Your Industry-Specific Cyber Risks Smartly

Your organisation’s unique risk profile and risk appetite will guide your information security strategy.
Find out where your cyber risks are and how to outsmart cybercriminals without breaking the bank.

Pin It on Pinterest

Share This