Cybersecurity Becomes a Management Responsibility, Not Just an IT Issue
Modern cyberattack consequences require management decisions, not just technical fixes. In Latvia, cyber incidents are rising sharply, pushing companies to adapt.
Cybersecurity management is undergoing a fundamental shift: cyber incident response is increasingly seen as a leadership concern, not solely an IT department task. This is confirmed by international data: the World Economic Forum's January global risk report listed cybersecurity as a top corporate risk, yet only 14% of organizations believe they have sufficient resources and expertise. In Latvia, the trend is equally stark: in Q4 2025, Cert.lv processed 923 manually handled incidents, a 38% increase from the previous quarter and 62% higher than Q4 2024.
Author Ivars Šulcs, an IT specialist, argues that while technical teams can implement solutions, decisions about risk appetite, investment, and business continuity rest with senior management. Many companies still treat cybersecurity as a cost rather than a prerequisite. The recommended approach includes a cybersecurity audit, a clear incident response plan, regular simulations involving executives, and continuous monitoring via a security operations center. Šulcs cites the Danish giant Maersk as a positive example: after its severe 2017 cyberattack, the company communicated transparently and mobilized effectively, demonstrating that leadership agility is critical.
No organization can guarantee immunity from attacks, but management preparedness can significantly mitigate damage. Cybersecurity is now an essential leadership competency.
