New technologies are entering the corporate world on a near daily basis, and every problem very quickly has an efficiency and productivity-increasing solution on the market. But this deluge of new ways of working can often leave enterprises scratching their heads, grappling to integrate these technologies without compromising security.
Our organisations are global, flexible, fast-moving and connected, which means – like it or not – cybersecurity is one of THE biggest challenges ahead. The facts speak for themselves: in 2005, the global cybersecurity market was worth $3.5 billion. Now it’s estimated to be over $120 billion. Why? Because when businesses are more complex, the threats are too. By necessity, future ways of working rely on constant and intimate digital connections with suppliers, partners and customers in order to stay relevant and competitive, naturally exposing businesses to security threats from global criminals. Without careful management of data, automated processes and enterprise-wide connectivity, organisations run the risk of becoming a playground for attackers.
However, it’s important to understand that good ‘cyber hygiene’ is as much about expecting the worst as it is building up effective cyber credentials. So, with this in mind, there are some important questions that every business should ask to assess their resilience to this challenging future:
Do you have a dedicated security team?
They should be at the front line of your business, included in strategy sessions and championing expertise and accountability for cybersecurity. The latest European Commission data found that one out of every three enterprises in the EU-28 had a formally defined ICT security policy. However, this was much more common for large enterprises than small ones, which were three times less likely to have this kind of policy in place, perhaps suggesting that a dedicated security team isn’t actually in place.
Are you an advocate for protecting customer data?
The connected office of the future means that businesses have a responsibility to help their customers understand how to protect themselves – not just from cyber threats, but also legal repercussions. Since the introduction of GDPR and even the California Consumer Privacy Act, the stakes are high, and organisations should proactively understand the implications of new and upcoming legislation in order to properly advise and support their customers. Fines of over €100 million have already been issued in high profile data breaches.
Do you think beyond your enterprise?
Cybercrime is so dangerous because cyber criminals are highly motivated and their practice is in a state of continual evolution and innovation – often faster than corporate defences – in short, it’s their business. Your business needs the collective power of partners, suppliers and other third parties to tackle them more effectively. Collaborating and sharing knowledge, products, services or simply awareness of issues can keep you ahead of the game.
Lack of sharing is not an option for the office of the future
Do you focus on the basics?
According to a report by Sapio Research, 84% of respondents wanted to be notified immediately if a company they worked with had experienced a breach. But only 37% said they would share that information if their own organisation’s data were compromised. This lack of sharing is not an option for the office of the future. On the contrary, something as simple as a cross-organisational working group to analyse threats and share solutions can be a great way for businesses to keep up with the rate of threat.
Are your employees part of every solution?
When employees are invested in business outcomes, everyone benefits. Empowering your teams to play a key part in risk management can greatly increase the chance of success, as it’s easy for employees to forget how small errors can create big vulnerabilities. But don’t make the mistake of assuming that it’s just junior staff that are the issue – Research from Code42’s 2018 Data Exposure Report found 59% of CEOs admitting to downloading software without knowing whether it is approved by corporate security.
Being forewarned and forearmed is not the same as being the harbinger of doom. However, the introduction of new technologies and big data can make us vulnerable in new ways, just as it can make us successful in others. In reality, a sensible, joined up and intelligent approach to any business challenge is actually just good working practice and the cybersecurity landscape is no different in that respect. The balance lies in reducing risk through investing in employees to reduce risk, dedicating resource to protecting customers and collaborating to share learnings. Developing this strategy now will make businesses stronger in the long term.