Companies must invest in a strategic cybersecurity plan – or face the consequences

By Kunal Purohit, Chief Digital Services Officer, Tech Mahindra.

  • 1 year ago Posted in

The digital economy is growing at an unprecedented rate. The exponential growth of data, the new way of working, shopping, communicating, and the tremendous advancement of technology, all these are inducing organisations to spark innovation and growth.

While digital transformation unlocks new opportunities for organisations to succeed today, shape tomorrow and stay forefront, according to a digital survey report commissioned by Tech Mahindra, only 5% of digital transformations achieve all their goals, and 25% end in failure.

To stay ahead of the curve, organisations need to gauge how they can align their strategies by leveraging technology, reimagining the power of people, and calibrating capabilities. It is imperative for them to lay the foundations for success: setting a clear vision, putting the right leadership in place, and being strategic about cybersecurity. Security needs to be a central part of their transformation plans as new major cybersecurity breaches happen every day to be a stumbling block to their business advancements.

Prioritise cybersecurity – or face the customer consequence

Most data breaches are the result of human error, meaning that employee access points to digital tools and systems are a prime target for cybercriminals. According to an industry report, 90% of data breaches are caused by simple phishing, the fraudulent practice of sending emails purporting to be from reputable companies in order to incite individuals to reveal sensitive information such as passwords. A 2021 industry report found that the global average cost of a data breach to a company is $4.25 million.

The study commissioned by Tech Mahindra also found that many organisations may not be prioritising security as part of their digital plans. 54% of companies say they are taking steps to improve security or will in the future, but only 22% say that improving cybersecurity is a goal of their digital transformation plans.

The study shows that it is extremely important for the executives to make security a central part of their digital transformation plans. Otherwise, all the investment and commitment to digital transformation could be undone by one breach, resulting in financial implications that not all organisations can recover from.

Businesses need to revisit their cybersecurity and compliance capabilities to increase accountability with customers and improve stakeholder trust. Right measures should be taken at right time to build and keep the trust with them. Regaining the trust of customers impacted by a data breach can be a long and expensive process to recover from.

A security breach can cause long-term damage to a company’s reputation and that can often result in customers leaving for a competitor – one where they believe their data will be more secure. Companies must have executive decision-makers in the right roles to ensure this doesn’t happen.

Lead together; succeed together

It wasn’t too long ago that companies put their transformation plans in the hands of someone who only had an extensive background in digital, but they did not necessarily have sufficient business knowledge to lead the project.

While it is essential to have specialists in a complex field such as cybersecurity, it is just as important that companies take an approach that factors in all partners, both business and technological focused, working together. This ensures that cybersecurity is woven into every process across the organisation.

According to the survey commissioned by Tech Mahindra, 56% of companies mention chief technology/digital/infrastructure officers as being key cybersecurity decision-makers, closely followed by IT teams at 48%, CEOs at 38% and chief security officers at 35%. Although these findings suggest that the sole responsibility lies down to those with specialist knowledge rather than a general business mind – companies must take an approach that takes all partners into account. A dual leadership approach is vital for the successful implementation of a cybersecurity plan. Combining the expert knowledge of a Chief Operating Officer (COO) and technology leader means the digital journey has a greater chance of succeeding.

Have a strategic plan to tackle risks caused by new age technologies:

It is commonly assumed that digital transformation often involves using cloud-based platforms and services, it can also involve the adoption of emerging technologies. While emerging technologies such as AI and ML bring new opportunities for companies, they also expose them to new risks.

The report finds that while 32% of companies use Artificial Intelligence (AI) and Machine Learning (ML) a moderate or great amount, nearly half (47%) are only using them a little, but plan on doing so in the future. As new technologies inevitably lead to new cybersecurity risks, companies must begin the hard work of developing a well-thought-out strategy before beginning to work with them. They must find solutions for new vulnerabilities and stay abreast of new regulations and tools.

A failure in preparation on how to leverage these technologies would not only be a heavy dent in budget and time investment but would also slow down the organisation's digital transformation journey.

A robust cyber security investment strategy requires business leaders to have access to relevant and accurate risk quantification insights. Businesses need a system which provides a holistic view of cyber risk across the organisation and ensures this risk is effectively and efficiently managed through streamlined practices and standardised processes, along with best practice tools and technologies. These services will improve visibility and control, leading to more effective risk management across the enterprise.

Digital efforts will be successful if businesses prioritise cybersecurity in their operations, have a balanced leadership team that champions cybersecurity, and adopt emerging technologies strategically. Companies that succeed in these areas will realise the full benefits of digital transformation and cybersecurity.

By Darren Thomson, Field CTO EMEAI, Commvault.
By Oliver Feiler, Head of Global Alliances and Strategic Partnerships EMEA, Nozomi Networks and...
By David Higgins, EMEA Technical Director at CyberArk.
By Manuel Sanchez, Information Security and Compliance Specialist, iManage.
Anita Mavridis, VP of Product at Zivver, and Sue Musumeci, Director of Quality & Clinical...
By Danny Lopez, CEO of Glasswall.
Nadir Izrael, Co-Founder and CTO at Armis discusses the importance of critical infrastructure...
By Darren Thomson, Field CTO EMEAI at Commvault.