There is no doubt about it, to many people cyber security is a challenge. There are many aspects to consider and as you do consider them a few more will reveal themselves. Of these potential cyber security challenges, which are the top ones being faced by businesses today?
According to a senior threat researcher from IBM, who answered this question for Forbes magazine, the first one is ransomware. As often discussed and debated ransomware continues to be the most effective tool that the cyber criminals have. Effective from the point of view that it works for them! If it didn’t work then purely due to technical natural selection it would die away.
Hot on its heels are users. Yes, the you’s and me’s who spend our day glued to screens, manipulating and sharing data in a wide variety of circumstances. Our erratic behaviour and varied mistakes, including clicking on phishing links, is causing a field day of success for the cyber-criminal fraternity. There are of course those users, the disgruntled and malicious, who are creating cyber issues on purpose, but it all comes under the umbrella of user activity.
Now before I tell you the third, those first two are two of the key technical controls in Cyber Essentials – anti-malware and access control. So, they may have made this IBM threat researchers list, but if more companies adopted Cyber Essentials then they may rapidly drop down the threat rankings.
The third of the three top cyber security challenges listed by Forbes, is that old chestnut – budget! Security professionals are still hamstrung by budget restrictions to implement recommended mitigation strategies. The article goes on to reinforce the peculiar irony that budget usually does become available, but only once a large-scale data breach or incident had negatively affected the company. What is becoming known is the ‘closing the stable door after the horse has bolted’ strategy towards cyber security.
Staying with IBM, on their Security Intelligence website they recently published a story regarding GDPR and how it can be seen, not as a burden on companies, but as a catalyst for innovation. This positive view struck a chord with me, as one of my personal beliefs is that any technology challenge, if approached from a constructive angle, can have additional benefit over what was originally anticipated.
They state that, “Smart companies will leverage the GDPR to rethink their end-to-end data protection strategies and put clients back in control with self-service consent management capabilities. Organisations that do this will gain a huge advantage over their competitors in the next few years.”
…and I for one believe them.
In many cyber security presentations, briefing’s courses and discussions that I have been privy to the concept of cyber security and data protection as a competitive differentiator and advantage does get discussed, but still isn’t’ making much headway with the boards and others who have responsibility for it.
Maybe what we need is not another list of cyber security challenges, buy one of cyber security benefits. This list would be packed with all the positive effects that good technical cyber hygiene, strong compliance with data protection and a fully trained staff, can bring to a business. I for one would love to read that list. Would you?
For links to all these stories and more, or to contribute with some comments join us by searching for the National Cyber Skills Centre on our social channels of FaceBook, LinkedIn and Twitter, or just click the relevant links from our website.