IS CYBER SECURITY A BUSINESS ENABLER OR A HINDRANCE?
Whenever a discourse veers toward cybersecurity, two schools of thought immediately come to mind. There is one which has faith in having an independent and a dedicated cyber security department that keeps a close watch on suspicious activities in and around an organization’s systems. And there is another which supports the idea that the entire exercise is needless—an extravagance that unnecessarily stresses an organization’s budget.
IMPACT OF CYBER CRIME
The chain of events in the past many years has tipped the balance in favour of the first school. The latter group is fast losing ground. There is an overwhelming reason for this shift in world opinion. Over the years, cyber crime has escalated by leaps and bounds. And there are no signs of slowing down.
Cyber crime has great appeal for hackers. Three key motivators—all irresistible—drive the hackers to get on with their occupation. First, the job involving the task of infiltrating a computer system is fairly easy and the prospect of making money is on the high end. On top of it, there is a comforting feeling that they will not get caught or sentenced. Statistics speak of a very low probability of catching the perpetrators and bringing them to justice. Hackers can operate from anywhere in the world without being noticed or detected.
In spite of the ease the occupation affords, hackers are constantly upgrading their skills and level of sophistication. Researchers say that the technology these criminals employ is at par with that of top information technology companies. Just like their counterparts, the hackers have moved on to adopt cloud computing, artificial intelligence and encryption. By failing to enforce even the most basic precautionary measures at the workplace, businesses and organizations have, in fact, facilitated the criminals to perpetrate the breaches, in quick succession, without any resistance. On the other side, we see efficient employment of technology, automated software creation and monetization of their work.
THE COST OF CYBER CRIME
Steve Morgan, Editor-in-Chief of Cyber Crime Magazine, writes, “Cyber crime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.” This is seemingly an endless list but if one takes into account the fact that the list may not be all encompassing, then the magnitude of losses goes far beyond anyone’s imagination.
ECONOMIC IMPACT
Mc Afee and The Center for Strategic and International Studies (CSIS) have jointly worked on a research project and presented a report titled: Economic Impact of Cyber Crime—No Slowing Down. The report explores on how cyber incidents impact the economies worldwide. The researchers observed that the scale of crimes has assumed epidemic proportions. A few years back, in 2014, the losses were around $445 billion. Today, the figure has catapulted to $600 billion yearly, which is nearly one percent of global GDP. Only a few countries have GDPs exceeding that huge figure. The rest of the nations around the world contend with a markedly lesser amount.
In spite of that colossal figure, cyber crime ranks as the third most expensive of illegal activities. The first rank goes to government corruption followed closely by
narcotics trade. Cyber crime ranks third in dollar value as a global problem incurring huge losses. Coincidentally, cyber crime is also third biggest economy exceeded only by those of United States and China.
SPIRALLING CRIME RATE
In the coming years, cyber crime is expected to grow in an unprecedented way because the hackers have turned their attention toward poorly secured Internet of Things (IoT) devices. They are using the devices to make inroads into systems. IoT devices themselves are not valuable but since they are not fortified security-wise, they provide easy approach to personal information from where hackers can gain access to networks and sensitive data. Once hackers gain access to the systems through IoT devices, they can easily launch denial of service attacks which open opportunities of ransom earnings.
The use of artificial intelligence was also responsible for the phenomenal growth of crimes. Hackers were able to make use of the tools to create new and sophisticated malware and then identify targets and then move on to the cloud services. Cloud services provided hackers the facility to store malware and launch denial of service attacks from there. What’s more, hackers can also search for targets on the cloud surface because businesses and organizations have moved on to cloud services to store a large part of their data including sensitive information. That is bait for criminals.
RESOLVING THE DILEMMA
The increase in cyber crimes is enough a reason to put to rest theories that cybersecurity is a hindrance in the smooth functioning of businesses and organization. If a dedicated staff is not maintained to keep an eye on the ever present threats of intrusions, cyber crime will grow like a snowball hurtling downhill. Having a cyber security department means having a force that is alert and vigilant to the dangers of attack. With CS staff working all the time, companies have a comforting feeling that even in case of an attack, the team will be on ground to contain the damage and do something as a remedy and attempt to recover lost or stolen data.
That leaves us with the only option. A cyber security department which is a team of professionals working round the clock and keeping a watch for any suspicious activity that may harm the system at the organization.
After establishing that cybersecurity is indispensable for a business or organization, we are now in a position to explore about how embedding it to business strategy can mean growth and profitability.
FROM A HINDRANCE TO CORE UNIT
Traditionally, the board members never accorded the importance to cybersecurity that it deserved. It was never considered as a requirement for the company. Instead, it was seen as restrictive and needless. But the events following COVID19 elevated cybersecurity to an indispensable position. The pandemic focing social distancing completely revolutionized the ways of conducting business. The staff were forced to operate remotely and physical offices suddenly turned into virtual hubs where colleagues communicated from their homes and meetings were conducted on apps such as Zoom. Cyber criminals took maximum advantage from the situation and increased the frequency of their attacks. In this scenario, maintaining a cybersecurity department became a necessity. Without an ever vigilant force, it was impossible to prevent and fight constant onslaughts which resulted in data theft and losses to the organization.
In spite of this transformation and change of heart, fewer than 25% of business leaders do no think of cybersecurity as a business enabler. They consider it as a barrier and a hindrance to smooth business routine. But such a stance is risky and exposes the organization to breaches and data loss. In contrast, when cybersecurity forms the core of business strategy, the chances of of bringing value to the enterprise drastically increases. Deep seated security speeds up agile implementations and resilience of operations.
Here are some more aspects that can enhance the value of cybersecurity and give it an attribute of ‘Business Enabler.
CUSTOMER FIRST
Every business relies on a customer base. The company would survive and thrive only when customers are satisfied and they choose remain loyal to the company. The news of cyber attacks and breaches travels fast and spreads just as quickly. It becomes a cause of bruised reputation and shattered confidence.
A strong security apparatus, that is both efficient in providing preventive measures and remedial strategy in an event of attack, gains confidence of customers. breaches shatter the confidence of customers and the company can no longer remain reliable. A global survey carried out by Vodafone has revealed that a strong cybersecurity can attract and retain customers which form the basis and strength of a business. According to the survey:
• 89% of businesses believed that customer loyalty and trust depends largely on improved cybersecurity
• 90% of businesses said that cybersecurity ehance business reputation in the market and this attracted customers
• 89% said that improved security acts as a competitive differntiator which helps in winning customers.
SHIFTING THE FOCUS
When companies place greater emphasis on prevention of attacks rather than threat detection and response, a restrictive environment evolves at the workplace. Such a place is not conducive for smart and talented work force to perform at their optimum. Restrictive checks and repetitive procedures hinder and distract employees from focusing on their tasks and give best results generating profits for the company.
The solution to the problem is to place the focus on detection and response instead of prevention. A defensive strategy hinders in creating an open environment essential for budding talent which brings innovation and continuous improvement.
SECURITY AND PRODUCTIVITY
Cyber attacks affect productivity by preventing employees from accessing their own system. A denial of service attack in particular can disrupt the business for a long time. By the time recovery attempts translate into success, huge losses are already on account. A robust cybersecurity strategy excludes fear of attacks from the operational cycle. For sustainable operations, a dependable security mechanism works like a charm ensuring competitive edge helps in winning customers.
MORE CREDIBILITY, MORE BUSINESS
When a customer establishes contact with a service provider or purchases something from a seller, he reposes trust in the company. Based on that trust, the customer shares personal information assuming it will not be misused or shared with third parties. In case of a cyber attack and probable theft of personal data, all that trust and confidence vanishes in a matter of seconds. Although many companies recover from the aftermath of attack, but they fail to rebuild the confidence and restore the same relationship with the customer. According to a report prepared by PwC, highlighting concerns customers have about their data, 85% of customers won’t make a
When a customer establishes contact with a service provider or purchases something from a seller, he reposes trust in the company. Based on that trust, the customer shares personal information assuming it will not be misused or shared with third parties. In case of a cyber attack and probable theft of personal data, all that trust and confidence vanishes in a matter of seconds. Although many companies recover from the aftermath of attack, but they fail to rebuild the confidence and restore the same relationship with the customer. According to a report prepared by PwC, highlighting concerns customers have about their data, 85% of customers won’t make a purchase from a business if they have lost trust. Another report by OnePoll says that 86% won’t do business with a business that has experienced a breach. The bottomline? More credibility, more trust. And more business.
INNOVATION: CENTRAL TO BUSINESS
E-commerce has opened a new opportunity for small businesses to compete with large businesses on online platforms. Businesses and organizations who have adapted to the new digital age are coming up with innovative products and services which help them in creating a niche for themselves. And to continue in this direction and to stay in business, companies will be bound to use best available technology. In a survey, 69% of c-suite executives thought that digitization is the mainstay of an organization’s business strategy. And 64% agreed that cybersecurity is a key factor in ensuring the success of business models.
FINAL WORD
Gone are the days when cybersecurity was relegated to a dark corner of the enterprise. But now professionals and top executives have come to realize that cybersecurity is not only essential for businesses, it is key to its very existence. Times have changed and experience has taught great lessons. One of the lessons today is widely accepted: cybersecurity is a business enabler.
Great article, thoroughly explained, thanks a lot.