In this new Cyber Series, we interview thought leaders about cybersecurity and helping small and medium-sized businesses improve their cyber risk management to secure global value chains.

This Q&A is with the Cyber Readiness Institute’s Co-Chair Samuel J. Palmisano, Retired Chairman and CEO of the IBM Corporation and Current Chairman of The Center for Global Enterprise.

Q/ Why did you come together with the other Co-Chairs to found the Cyber Readiness Institute?

A/ I was the Vice Chairman of the President’s Commission on Enhancing National Cybersecurity. After the release of the Commission Report and conversations with Ajay Banga, Satya Nadella, Penny Pritzker, and Kiersten Todt, we decided it was important to continue the work of the Commission, in which we were all involved, and focus specifically on the cybersecurity concerns of small and medium-sized businesses (SMBs). We wanted to find practical ways to help strengthen the capabilities and minimize the vulnerabilities of SMBs. We felt it was important to create a clear and accessible approach that enables these SMBs to take ownership of addressing their cybersecurity risks. Poor cyber hygiene, including identity and access compromise and phishing, are the source of most hacks. By providing awareness, tools, and understanding of these vulnerabilities, we believe we can improve the cyber risk management and resiliency of these SMBs. The Cyber Readiness Institute looks to simplify cybersecurity processes and procedures for these small and medium-sized enterprises.

Q/ If the Cyber Readiness Institute is focused on small and medium-sized companies, what is the incentive for large companies to join the Institute and participate in Institute functions?

A/Large companies have broad and diverse value chains comprised of SMBs. The vulnerabilities of SMBs can become the vulnerabilities of the large companies if these value chain owners are not paying close attention to the cyber risk management and cybersecurity of the SMBs in their value chain. Large enterprises know what is important to them in evaluating SMBs; this knowledge is instructive in developing the content and tools to support SMBs and help make them improve their cyber readiness.

Q/ Why is it so important for the Cyber Readiness Institute to have a global focus?

A/ Today’s value chains are global. When we sat down to establish the Institute, one of the core principles was that it needed to be global in scope. Cyber threats and security are not constrained by geography. The only way that we can achieve an increased level of cybersecurity is by working together across borders. In an age of increasing interdependencies, our economy is even more global than it has been. Supply chains already stretch across the globe so instead of cutting them apart, we need to address cyber risk management across all value chains.

Q/ Any last comments?

A/ I encourage companies to get involved in The Cyber Readiness Institute. We are developing valuable content and tools that will help companies of all sizes better manage cyber risks. The more input we receive and integrate into our tool development, the more effective our content will be.

Learn more about joining The Cyber Readiness Institute by visiting the Membership page.