Rethinking the organisational cyber security approach

Posted on 26/07/2019

Our recent World Wide Worx survey, conducted in partnership with Trend Micro, has shown that local CIOs are not leading the company response when it comes to dealing with data breaches. This indicates a clear disconnect between C-suite and IT strategies that must be addressed if companies are to ensure data remains safe at a time where it has become a prime target for malicious users.

Fortunately, decision-makers are aware of the risks out there. They understand that it is not a case of if they will be attacked, but rather when this will happen. More than a third of respondents expect the next cyber attack to hit them within a few days while more than half anticipates this to occur within the next year.

Given these grim findings, one would expect that shoring up defences would be a strategic priority. Yet, the two main focal points when it comes to corporate initiatives were acquiring new customers and growing existing customer revenues. Protecting against cyber attacks came in a distance fifth. Yes, difficult economic times mean companies must do everything in their power to ensure growth, but this investment will be futile if they cannot protect the data of their customers.

This is especially relevant when one takes into consideration the financial and reputation impact of data breaches in a highly regulated market. The fines associated with not taking adequate measures to protect customer data can be astronomical. And when those customers find out that there has been a breach and not enough was done to safeguard their information, the loss of trust can be even more significant resulting in people flocking to competitors.

Respondents confidently state they can protect the company in the event of an attack. In fact, 99% of people surveyed said they have the capacity to do so. Sadly, this assuredness comes tumbling down when asked if the skills to do so are there – a whopping 45% agree that they do not have the capabilities to keep the business safe.

This lack of skills is especially concerning given the important role data protection plays in the connected world. Companies must do more to ensure that employees are not only educated about cyber security risks, but social engineering as well. And while this education will not address the significant skills gap that currently exists, it is a step in the right direction.

Furthermore, decision-makers must also look beyond the human element and must more closely examine their security software and systems. The survey found that almost 93% of respondents had outdated solutions in place. This could be attributed at least partly to a lack of integration between the CIO and the IT department.

Going forward, a more integrated cyber security approach is required that encompasses the solutions, the infrastructure on which they are used, and education on the threat landscape. It is about focusing on applications and building in an intrinsic level of protection that links the hardware with the software.


Category: Business

Tags: , , , ,

Related Articles

Posted on 05/09/2019 by charlene

Cloud and Security Insights from Tesco

This year Tesco is celebrating its 100-year anniversary. Having begun life as a Hackney market stall in  1919, Tesco has grown to over 6,800 shops across the globe, becoming much more than the grocery chain that most of us know. As well as expanding into clothing, electronics and software, Tesco also offers financial services (Tesco […]

3 minute read
Posted on 15/08/2019 by charlene

Ransomware threatens SA business environment

Last month saw City Power in Johannesburg fall victim to a ransomware attack that not only crippled its Web site, but left consumers unable to buy pre-paid electricity. Sadly, this is just one example where local organisations are increasingly being targeted by malicious entities. Further afield, in the US alone, more than 20 public-sector organisations […]

2 minute read
Posted on 12/07/2019 by charlene

Why the key to innovation might lie in side-hustles (and technology)

We talk about innovation so much there’s a danger the term becomes devalued. Everywhere we look, we hear about the need to be innovative. Innovation changes the world, innovation drives us forward, innovation got us out of the cave. Actually, it’s completely wrong. Being able to come up with ideas hasn’t done anything. What got […]

3 minute read

Comments

No comments yet

Add a comment

Your email address will not be published.

*

This site uses cookies to improve the user experience. By using this site you agree to the privacy policy