post-title Make Cybersecurity a Strategic Asset

Make Cybersecurity a Strategic Asset

Make Cybersecurity a Strategic Asset
Business Management Articles
Already a member?

Not a member?

Sign up today



3 Free Articles per month, $6.95/article thereafter. Free newsletter.



Unlimited digital content, quaterly magazine, free newsletter, entire archive.

Sign me up

Image courtesy of Gary Waters/

On June 27, 2017, employees in more than 80 global companies booted up their computers only to find a black screen with the message, “Oops, your important files are encrypted,” along with a demand for a bitcoin payment to decrypt the files. Within a few hours, managers began to realize the extent of the attack: Malware had infected the companies’ central servers, paralyzing every aspect of global operations, including interoffice communications, access to documents, access to customer data, and all operational and manufacturing systems. The NotPetya virus, which had begun its spread via the software-update function of a widely used Ukrainian tax preparation program, eventually caused global economic damage exceeding $10 billion in industries such as transportation, energy, pharmaceuticals, food production, consumer goods, and professional services.1

Despite such examples of devastating cyberattacks on major organizations, many of the world’s largest companies remain unprepared.2 Although executives acknowledge cybersecurity as an important part of IT planning, they misunderstand the strategic character of cyberattacks, both as a severe threat to earnings and operations, and as an opportunity. Yes, an opportunity.

We studied three global companies, competing in logistics, consumer goods, and professional services, that suffered from the 2017 NotPetya attack.3 (See “The Research.”) We found that executives who have successfully managed through cyberattacks now recognize cybersecurity as a top-level strategic priority; they told us that their biggest mistake in the period before the NotPetya attack was to treat cybersecurity as an operational issue.

Read the Full Article


1. A. Greenberg, “The Untold Story of NotPetya, the Most Devastating Cyberattack in History,” Wired, Aug. 22, 2018,

2. See, for example, P. Mee and J. Cummings, “Is Your Company Ready for a Cyberattack?” MIT Sloan Management Review, Dec. 4, 2018,; R.A. Rothrock, J. Kaplan, and F. Van der Oord, “The Board’s Role in Managing Cybersecurity Risks,” MIT Sloan Management Review 59, no. 2 (winter 2018): 12-15; and M.E. Mangelsdorf, “What Executives Get Wrong About Cybersecurity,” MIT Sloan Management Review 58, no. 2 (winter 2017): 22-24.

3. To preserve confidentiality, we are referring to the companies by industry — logistics, consumer products, and professional services — rather than by name.

Reprint #:


About Juan Rodulfo

Defined by Nature: Planet Earth Habitant, Human, Son of Eladio Rodulfo & Briceida Moya, Brother of Gabriela, Gustavo & Katiuska, Father of Gabriel & Sofia; Defined by the Society: Venezuelan Citizen (Human Rights Limited by default), Friend of many, Enemy of few, Neighbor, Student/Teacher/Student, Worker/Supervisor/Manager/Leader/Worker, Husband of Katty/ Ex-Husband of K/Husband of Yohana; Defined by the US Immigration System: Legal Alien; Defined by the Gig Economy: Independent Contractor Form 1099; Studies in classroom: Master Degree in Human Resources Management, English, Chinese Mandarin; Studies at the real world: Human Behavior; Studies at home: Webmaster SEO, Graphic Web Apps Design, Internet & Social Media Marketing, Video Production, You Tube Branding, Trading, Import-Exports, Affiliate Marketing, Cooking, Laundry, Home Cleaning; Work experience: Public-Private-Entrepreneur Sectors; Other Definitions: Bitcoin Evangelist, Human Rights Peace and Love Advocate. Author of: Why Maslow: How to use his theory to stay in Power Forever (EN/SP); Asylum Seekers (EN/SP); Manual for Gorillas: 9 Rules to be the “Fer-pect” Dictator (EN/SP); Why you must Play the Lottery (EN/SP); Para Español Oprima #2: Speaking Spanish in Times of Xenophobia (EN/SP). Social Media profiles: Twitter/FB/Instagram/VK/Linkedin/Sina Weibo: @rodulfox
%d bloggers like this: