Enterprise security must change

1 October 2019 Cyber Security, Security Services & Risk Management

The recent wave of cyberattacks against local banks has highlighted the importance of protecting data against malicious users. With data being the most critical asset of any organisation irrespective of size and industry sector, there is also a greater degree of vulnerability to contend with.

Organisations are running their critical operations on emerging digital technologies, deploying more applications on more devices in more geographies than ever. This digital approach is also creating greater exposure to equally sophisticated levels of cyberattacks. A traditional approach towards cyber defence is no longer good enough. Instead, a higher level of protection is required to protect business-critical data.

Security spending is expected to reach $174,5 billion by 2022 as a result of digital transformation initiatives, regulatory compliance pressures, and the rising number of cyberattacks. This indicates that organisations are starting to pay more than lip service to rethinking their strategies when it comes to their defences as well as threat mitigation.

As part of this process, there are several elements to consider for cybersecurity to be more effective.

It all starts in the boardroom. Leadership must prioritise cybersecurity. But to do so, they must understand the extent of the problem. Fortunately, media reports about data breaches are helping raise awareness of the issue. Hopefully, it will become a key boardroom talking point sooner rather than later. As part of this, cybersecurity must be a business-wide priority. Even though cost-cutting initiatives are taking priority in difficult economic conditions, investments must be made in more effective cybersecurity measures.

Of course, this does not mean cybersecurity is only the priority of management. All employees must be held accountable, especially if social engineering is involved in attacks. This also necessitates better (and ongoing) education initiatives inside the organisation.

Mobile environment

It is a widely-held belief that the most significant cyber breaches come from inside the business. Employees are careless with company data and untrained when it comes to cybersecurity principles, especially regarding their use of mobile devices.

IT departments must take a more active role in protecting employee devices, especially with so many organisations allowing for personal smartphones and tablets to be used at the workplace. This is where an end-to-end security approach that protects information and apps from the mobile phone to the data centre, whether it is on-premise or in the cloud, must be fundamental.

Moreover, security breaches can have a wider impact than initially thought. While damage to customer trust is significant in a highly competitive environment, do not underestimate the impact of lost confidential data, the impact on future revenue, as well as reduced staff morale can have on the company.

Becoming compliant

With the regulatory environment also evolving, care must be taken to ensure the company remains compliant with data governance. The financial implication (not to mention reputational damage) non-compliance can have is significant. To this end, every person in a company must understand that there are no exceptions to complying with security policies, irrespective of their position in the organisation.

IT departments must take charge in this regard and ensure the organisation remains ever vigilant. This does not mean cybersecurity policies are developed once and only reviewed annually. Instead, defences must adapt faster to reflect the agile environment of the digital landscape. This is especially true given the move towards cloud-based solutions and managed environments.

Cybersecurity is an evolving component that is key to business success in the connected world. It needs constant vigilance if the organisation is to mitigate the risk of having its data compromised.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The year resilience paid off
Issue 8 2020, ContinuitySA , Editor's Choice, Security Services & Risk Management
Hi-Tech Security Solutions spoke to Michael Davies about business continuity and resilience in a year when everything was put to the test.

Free-flow smart weapons detection system
Issue 8 2020, XPro Security Solutions , News, Security Services & Risk Management, Products
Detecting people carrying weapons and preventing them from entering your venue is now possible, without sacrificing the visitor experience.

Cyber Talent: It is more about Talent than Cyber
Issue 7 2020 , Cyber Security
Four million trained workers are needed to fully bridge the skills gap in the cybersecurity field around the world and properly defend organisations against threat actors.

Liquid Telecom unveils Cybersecurity unit
Issue 8 2020 , News, Cyber Security
Liquid Telecom has unveiled its Cybersecurity unit, which offers end-to-end managed services for digital security solutions.

Increased cloud visibility and security
Issue 7 2020 , Cyber Security
Sophos adds cloud visibility features from Cloud Optix to Intercept X Advanced for Server with EDR.

Ransomware and customer loyalty
Issue 7 2020 , Cyber Security
Arcserve research uncovers links between ransomware, consumer purchasing behaviour and brand loyalty.

IoT will transform industrial security
Issue 7 2020, Kaspersky , Cyber Security
55% of organisations globally are confident the Internet of Things will change the state of security in industrial control systems (ICS).

BYOD: bring your own danger
Issue 7 2020 , Cyber Security
Five cybersecurity threats that jeopardise the security of mobile devices and the keys to optimising their protection in a connected world.

7 Arrows becomes a part of Fidelity ADT
Issue 8 2020, Fidelity ADT , News, Security Services & Risk Management
Fidelity ADT and 7 Arrows have concluded an acquisition agreement effective 1 October 2020. 7 Arrows will now form a part of Fidelity ADT.

Nclose moves to secure Microsoft 365 environment
Issue 8 2020 , News, Cyber Security
Nclose has launched dedicated Microsoft 365 managed security services within its Managed Security Services division, to help enterprises with newly-remote workforces close gaps in their security environment.