Today’s world thrives on an unprecedented reliance on technology and with remote working marking the new normal, cybersecurity is more sensitive and important than ever before. With persisting digital divides and a scale of digital shift humanity was unprepared for, larger concerns linger. If the acceleration of digitization had begun before the pandemic amid questionable degrees of public distrust and business troubles, the coronavirus-induced transformation merits a conversation that affects all realms of life, particularly the world of business.
The context can be simply described as one where crucial data is floating around and people are struggling to come to terms with these developments. As per The Business and Innovation Magazine, according to a recent 1,000-person survey almost half (48%) of people in the UK questioned about the NHSX contact-tracing app say they don’t trust the government to keep their information safe from hackers. The poll also found that 43% of respondents are worried that using the app could give fraudsters an opportunity to launch phishing attacks by email or SMS. This is in addition to the thousands of fake Covid-19 domains springing up and being used to initiate a spate of recent online frauds.
To add to this, considering the world of business, workers are accessing sensitive applications from home, businesses are moving their data off-premise and into the cloud. The dangers of hacking, scams and misinformation are more pointed than ever with greater volumes of data being stored and transmitted online. The Economic Times mentions how DMZs (Demilitarized Zones) and VPNs (Virtual Private Networks) were designed for the networks of the 1990s and have become obsolete because they lack the agility needed to protect digital businesses. Organizations rapidly shifting services to the cloud as part of accelerated digitalization witnessed a paradigm shift from ‘fortress’ to distributed, risk-based and data-driven models. Enterprises are continuing to expand their networks the old way and thus, increasing the risks considerably. In June 2020, Swissinfo.ch reported figures from the NCSC (National Cyber Security Center) showing that there were 350 reported cases of cyberattacks (phishing, fraudulent web sites, direct attacks on companies etc.) in Switzerland in April, compared to the norm of 100-150.
These reports signal a potent need to invest in adequate responses, which means that companies and institutions will have to invest in cybersecurity structures as well as employee training. This twofold process shall necessitate hiring of cybersecurity experts and cybersecurity awareness programmes and to this end, some observations are noteworthy.
First of all, it is necessary to understand that cybersecurity is an industry of its own and has its own particularities. Not only is the domain somewhat unfamiliar to people in general, the industry battles an acute skills shortage, with unavailability of full-time workers. However, as Ashish Gupta, the chief executive officer of Bugcrowd notes, the reality is that when you break down the functional needs of roles that were traditionally resourced in-house, there are many cybersecurity experts in the world who can fulfill the requirements remotely. Cybersecurity is a 24/7 job, and the volatile employment market brought on by Covid-19 has rapidly globalized an even larger talent pool that can be mobilized without full-time employment. Therefore, instead of seeking a whole new team of experts, a workforce model that relies on seeking services from a specialized talent pool can go a long way in securing data without burdening the company’s resources.
Simultaneously, however, employees need to be educated and trained in cybersecurity. From the basics to the dangers of advanced phishing attacks as well as mechanisms to access help when needed, workers can be attuned to the ebbs and flows of working in a potentially vulnerable digital environment. Professor Kamal Bechkoum, head of Business and Technology at the University of Gloucestershire notes the importance of a human firewall, calling people the first line of defence. Beckhoum says, “Lead by example and develop all of your policies and teams to be cyber-aware. Preparedness can’t simply be delegated to the IT department or executive. It has to be the responsibility of everyone.” A proactive approach where cyber vigilance does not simply become a matter of training but doubles up as a culture of work itself is necessary.
On the whole, if the future of work is digital, securing it would need greater investment in and adaptation to cybersecurity. It is incumbent upon companies and individuals to make the leap towards combating the landscape of cyber threats and must be an agenda of executive professional endeavour. To guard our work is our responsibility and we must intensify our efforts to that end.