Forget cybersecurity - the time for cyber resilience has come
Syrex's Ralph Berndt: Companies must be able to operate in the face of malicious cyber-attacks.
At the end of last year, research from McAfee and the Centre for Strategic and International Studies (CSIS) indicated that cybercrime had costed businesses an estimated $600 billion globally in 2017. While this number might be difficult to contextualise, consider this – almost 800 000 personal records were lost daily due to hacking. At a time when data is viewed as the oil of the digital age, companies must do more to safeguard this precious commodity.
The numbers are truly damming. According to Ralph Berndt, Director of Sales at Syrex:
“International research shows that 54% of global respondents admitted to being hit by instances of ransomware. The median financial impact per affected business – a staggering R1.8 million. Even more significantly, an average of two ransomware attacks per organisation were reported."
The consequences of such an attack on any business are significant, never mind on an SME or entrepreneur just starting up. Contributing to this challenging environment is one of the biggest misconceptions around cybersecurity – how best to protect your business.
Many companies think that having a firewall and antivirus is enough to provide adequate security. Yet, this is no longer the case. Just as technology has evolved, so too has the way malicious users target individuals and organisations. Sure, a virus might still pose a risk, but social engineering has become more prevalent than in the past.
Tricking staff into opening malicious files that give access to back-end databases or provide information they would not ordinarily share is one of the biggest concerns in the connected age.
Ralph says that cybersecurity today is about adopting an approach that includes cybersecurity, disaster recovery, and business continuity management.
“This has seen the emergence of cyber resilience to provide a company with the ability to continue delivering on its strategic business directives in the face of malicious cyber-attacks. Decision-makers should think of it as a natural evolution from pure cybersecurity to a cyber-resilience approach that is more of a methodology focusing on the measures and policies that need to be put in place to ensure continual business operations.”
Wikipedia defines this cyber resilience as ‘an entity’s ability to continuously deliver the intended outcome despite adverse cyber events.’
Cyber security experts agree that it is not a matter of IF a company gets compromised, but rather what will happen WHEN it does. All the signs point to how a company, irrespective of its size, industry, and geographic location, can best mitigate the risk of such a data breach with a cybersecurity strategy focused on business continuity.
Next year could well be the one that sees cyber security drive the corporate agenda.