For some time now, we have been talking about the digital transformation of organizations and its rapid acceleration, mainly as a result of the challenges imposed by the Covid-19 pandemic. In this context, one of the issues that was acquiring greater scale and speed, and that must be addressed, are the risks that arise in this same scenario. Taking into account that cybersecurity is no longer just a trend to become a reality, companies, in addition to seeking solutions, are adopting new approaches to face the constant threat.
According to the annual report Cost of Data Breach, conducted by the Ponemon Institute and IBM Security, globally there was an increase in the cost associated with data breaches, the highest level in 17 years, with an average cost of US $ 4.24 million per incident, which represents an increase 10% compared to the previous year. ‘ Added to this is another not-so-encouraging news: the response time is now a week longer. In total, 287 days are required between the detection of an incident and its containment. It is important to note that, while Latin America had an average cost of US $ 1.8 million, which is below the world average, that cost increased by 30% compared to the previous report, registering a response time of 356 days.
Follow us on Google News to keep you always informed
In part, this impact can be explained by the changes that companies had to implement in the midst of the pandemic, when at high speed and at scale they had to migrate their operations to remote mode. In the region, the financial sector is the one with the highest costs due to data breaches, followed by the services sector; however, similar trends are seen in all industries, due to the adaptations that they have been going through. Added to this is the complexity of IT scenarios. Today, IT teams are adopting up to 50 different security solutions from up to 10 different technology vendors or business partners. New contexts and new technologies require new approaches and deserve a close and attentive look by leaders on these issues.
Expand the strategic view of security
Security is not an issue that should be handled by the technology team alone. All areas, employees and leaders share responsibility within the organization to help prevent and solve problems. To protect themselves from risks, many companies adopt measures that not only help defend and respond to cyberattacks, but also act to prevent them.
Follow the information about business and current affairs in Forbes Mexico
But what can we do as leaders to prevent the incidence of cyber risks as much as possible? I share with you some relevant practice recommendations that help in this regard, which some organizations are already putting in place.
- Taking a zero-trust approach. It is based on the assumption that there may already be a compromise, either to the identity of the users or to the network, requiring ongoing analysis and validation of the connections between users, data, and resources. In today’s world, we can no longer think that the threat will not come; On the contrary, the probability of being attacked has continued to increase over time, due to the vertiginous digital transformation of companies. Leaders must implement a mature strategy of zero trust and train employees, managers and leadership teams to know how to prevent, detect and help solve the threats that people or organizations may face.
- Using technology to make better decisions. Planning how security-related decisions are made is part of threat preparedness. Taking advantage of technological advancement is another solid move to protect yourself, especially thanks to the maturity of cybersecurity solutions based on artificial intelligence, advanced analytics and hyper-automation. These solutions can help predict, prevent and react, greatly reducing risk and exposure. They can also help lower the cost of a violation and shorten the response time. Companies that experienced attacks and already had a more mature overall cloud-based modernization strategy were more effective at detecting and responding to incidents (77 days faster) and had lower costs, up to 59%, in Latin America.
Follow the business information in our specialized section
- Creation and participation in advisory councils on cybersecurity. Collaboration and the exchange of ideas are key to preparing for a moment of vulnerability. Understanding what other executives and companies have been through can help us predict the future movement of our company and anticipate decision-making so that the impact is less. Being part of a Safety Advisory Council can not only help individual companies to discuss relevant issues, but also to work together to find the best solutions. And here I am not thinking only of technological solutions, which as I mentioned are also a key factor, but also in Corporate Governance, what is the best way to address a crisis, how to communicate internally and externally, who has to be activated or what are the guidelines and the next steps to be taken to reduce the impact.
In times of rapid change and accelerated digital transformations, anticipating and being prepared with security tools and processes can be critical to dealing with risks. The best way to deal with threats is to look at them head-on, take the conversation to leadership, understand security as a priority issue that affects the entire organization, monitor the scenario, and closely monitor decision-making.
Sources:
Cost of a Data Breach 2021 – ibm.com/databreach
The Rise of Cybersecurity Debt – https://techcrunch.com/2021/06/04/the-rise-of-cybersecurity-debt/
Subscribe to Forbes Mexico
Contact:
Tonny Martins, General Manager of IBM Latin America*
The opinions expressed are solely the responsibility of their authors and are completely independent of the position and editorial line of Forbes Mexico.