Should We Worry About Cyber Security?

While AI has gained tremendous popularity, cybersecurity has captured people's attention. As organizations expand globally, the geopolitical risks facing their operations increase exponentially. In this ever-changing world it is very important for organizations to maintain agile processes for their corporate security teams and develop comprehensive crisis management plans.

Ketan Sowani

10/23/20233 min read

person using black laptop computer
person using black laptop computer

With the development of a global marketplace, an increasing number of organizations find themselves opening offices and operations in multiple locations worldwide. This expansion and diversification are excellent because it brings with it increased economic prosperity for the organization, but it is extremely important that the corporate security teams of these organizations be involved in the planning as well as implementation phases of this growth to avoid crisis and security risks during operations.

Changing geo-political, cultural, and economic conditions of different locations vastly change the cyber-security risks and adversaries facing an organization. Essentially “copy & pasting” security procedures and cyber-security plans from one region into the expanded operations of another region is therefore ill-advised and has the potential to causing a high amount of harm to the companies’ resources, assets, people or image.

In a study conducted by the World economic Forum, we can see that over 90% of cyber security leaders believe that geopolitical instability is going to lead to a catastrophic cyber attack in the next 2 years!

This leads to the question – what are the priorities for organizations to protect themselves from cyber-attacks?

A study conducted by the WEF also shows the top 3 priorities that organizational leaders identify as what any organization must look at for risk mitigation. As we can see, using centralized cloud-based systems, increasing awareness of employees and digital transformation to more secure methodologies of operations are the top 3 priorities.

Approach 1: Centralized cloud-based systems

Centralized cloud-based systems allow for the distinct advantage of implementation of standardized access protocols across the company. They also for data storage and processing to take place in a consolidated way in the cloud rather than individual servers. This allows for a much higher level of protection through centralized security planning such as data encryption, firewalling etc. Additionally, the cloud provider is responsible for the security “of” the cloud while the client is responsible for the security “in” the cloud. Having a specialized provider therefore responsible for your security from external attacks is a big benefit.

As is seen in the graph below, AWS takes responsibility of the security “of” the cloud which essentially safeguards its clients from external attacks.

Approach 2: Increasing Employee awareness

Social engineering and other forms of employee exploitation remains the major way for adversaries to carry out cyber-attacks. Increasing employee awareness and making it easy for them to report attacks is very important to carrying out risk mitigation or minimization after an attack. As can be seen from the graph below, a large number (45%+) of employees do not report cyber incidents.

Therefore, Business transformation initiative where employees feel more comfortable reporting incidents for mitigation and planning is very crucial for future security.

Approach 3: Digital transformation

Digital transformation initiatives such shifting to cloud-based systems, use of generative AI and shifting to automated tools over manual tools (for e.g.: shifting to workdays finance software for financial analytics over manual analysis by the company’s finance department) allows for centralization of data and reduction in distributed work, human errors and therefore a reduction in cyber-security incidents.

Shown below are the benefits of digital transformation. As can be seen, digital transformation allows for automation and centralized flow of work. Therefore, the organization needs to focus on securing far fewer channels compared to many channels without digital transformation. This concentration of efforts therefore increases security posture greatly.

Conclusion: Therefore, By migrating to cloud based systems, increasing employee awareness and feedback and using digital transformation a organization can safeguard itself effectively against cyber-adversaries and attacks.

References:

https://www.continuitycompliance.org/

https://www.gov.uk/crime-justice-and-law/crime-prevention

https://www.gov.uk/guidance/preparation-and-planning-for-emergencies-responsibilities-of-responder-agencies-and-others

https://www.osac.gov/Content/Browse/Report?subContentTypes=Crime%20and%20Safety%20Report

CSMP – ISMI® Textbook 1 (https://ismi.org.uk/)

"Technological advancement and ease of access is the key to human prosperity."

Ketan Sowani, MBA Business Consultant