Today, we conduct our business lives online and digital transformation is helping our organizations make a clean break from the past. Digital assets have replaced physical objects, remote working is taking us out of the office, and data has become our most precious commodity.
But here’s the problem. As we become increasingly dependent on the cloud and the Internet, our risk of exposure to cybercrime grows. Recent high-profile ransomware attacks like Solar Winds captured the headlines, but there’s much more business damage that goes unreported. I read in a recent issue of Forbes that 2020 broke all records when it came to data lost in breaches and sheer numbers of cyberattacks on companies, governments and individuals.
Talking with IT leaders, it’s clear there are good reasons to be concerned about security posture. In fact, the Ponemon Institute reported that, since the onset of COVID, fewer than half of IT professionals are confident about their organization’s cybersecurity, down from 71 percent before the pandemic.
And, if confidence in cybersecurity is so low, the stakes are high.
It’s not just the loss of valuable commercial data that can damage a business. Non-compliance with security regulations can lead to heavy fines and other penalties. And, there’s the intangible damage to business reputation — a factor that can lead to loss of trust in a vicious downward spiral.
But, even if the risks are inevitable as cybercriminals ramp up their attacks, there’s also a great opportunity for IT leaders to seize the initiative and take steps to reduce risk and prevent damage. It all begins with awareness. Not just within our own IT and security community, but with business leaders and most important with the users who represent the softest target for attackers.
We have to ask the question, do business leaders really understand the true cost of digital risk? According to the World Economic Forum Global Risks Report 2020, cyber attacks ranked first among global human-caused risks and, by 2021, cybercrime would cost the world $11.4 million each minute.
With digital risk on that scale, I believe that cybersecurity must become a C-suite priority. And, communication about security must spread down through the whole organization. Employees are more connected than ever through mobile apps, cloud services and applications, remote working, and online collaboration. And, that’s where we’re also finding the vulnerabilities. It’s important that employees understand the potential risks from threats like typosquatting, social engineering, or fake apps, particularly when they are using their own devices or working from home.
In the office, we can apply corporate security standards and manage critical processes like patching and updates, but the security perimeter is now much wider. Today our data lives not only inside our network (on-premise or cloud-hosted) but also lives inside our supply chain (partners and supply chain apps) and outside our business (devices, surface, deep and dark web).
Do you know if your data is already out there? You may want to consider Digital Risk Protection.
Identity and Access Management tools are proven to improve an organization’s cybersecurity posture by providing access to resources only to authorized users, but the problem is that many organizations aren’t yet using those solutions.
Digital transformation is bringing great benefits to our business, but it’s also exposing us to greater risk. What are you doing to protect it?