3 Biggest Cybersecurity Lies
It's is time for business leaders to see cyberthreats for what they are—enterprise risk management issues that could severely impact their business objectives.
Today, cyberthreats are a clear and present danger to the global business ecosystem. Yet many enterprises place the responsibility for managing cyberthreats solely in the hands of their technology team. It is time for business leaders to see cyberthreats for what they are—enterprise risk management issues that could severely impact their business objectives. Let’s have a look at top 3 myths business leaders fall into regarding information security
# 1 Cybersecurity threats are limited to your network
Within a span of 7 years we have almost double the number of connected device compared to the total population during 2003 to 2010 and currently we have almost 4 times the number of devices than the world population. An average person can cope upto 150 people friends throughout life and research states your closest 15 relationships—including family members or “kin”—seem to be most crucial when it comes to your mental and physical health. However by the year 2020 we will have 7 connected devices per person. Yes, half the amount of total people close to your life.
And with the new data flows connected through Social media channels, Analytics platforms, Mobile and Cloud, enterprise is fiercely expanding its boundaries of cooperate information. Traditional boundaries have shifted; companies operate in a dynamic environment that is increasingly interconnected, integrated and interdependent. The ecosystem is built around a model of open collaboration and trust. Constant information flow is the lifeblood of the business ecosystem. Data is distributed and disbursed throughout the ecosystem, expanding the domain requiring protection.
#2 Cybersecurity is keeping hackers out
Throughout the years hacking has converted itself from a teenage hobby to organized crime expanding up to nationwide espionage. Organized crime targeted towards financial payment systems, personally identifiable data and payment card details are quite common in the recent past. Recent attacks forcing 6 Indian banks to replace or change security codes for 3.2 million debit cards over a span of 2 months, VISAS attack vulnerability of guessing card information through different sites without detection are quite recent examples of such.
Office of the National Counterintelligence Executive, Report to Congress on the Foreign Economic Collection and Industrial Espionage, following areas of information are mostly at risk;
Emerging technologies such as clean energy
Payment cards and related information
Advanced materials and manufacturing techniques
Therefore the adversaries motivated through economic or military advantage through to financial gains to personal advantage and patriotism are out there. It’s quite impossible to keep all these adversaries out and expand and implement vast reaching business channels at the same time.
#3 Cyber threats are a technical issue
Historical headlines have primarily been driven by compliance and disclosure requirements whereas truly Cybersecurity must be viewed as a strategic business imperative in order to protect brand, competitive advantage, and shareholder value. Advancements in and evolving use of technology such as adoption of cloud-enabled services, Internet of Things (IoT) security implications, BYOD usage etc. has made complicated issues in identifying information boundaries. So technical controls to prevent all leakages would be quite similar to attempting to hold water within your palm. It will retain as a whole, but at some point it will surely leak. Operational fragility – real-time operations; product manufacturing; service delivery; customer experience has been the focus of all the organizations. This requires substantial enablement through technology and creates vast number of open channels for information flow.
Cybersecurity today is a rapidly evolving challenge of advanced skill, strategy and technology. As a result, the security models of the past decade are no longer sufficient. Creating an integrated, business-aligned security strategy and programme requires awareness and commitment from the highest executive levels of the organisation – in order to apply the appropriate resources and investments.