Regulations, expertise top cybersecurity challenges for 2021
Digitalisation is impacting nearly every single aspect of our lives. There is not only a rapid adoption of machine learning and artificial intelligence tools, but everyone is becoming more dependent on software, hardware and cloud infrastructure.
The complexity of digitalisation means increased threats and more challenges including cyberattacks on critical infrastructure. Ransomware attacks on healthcare systems, critical processes and public services such as electricity are prime targets.
Business leaders need to acknowledge that cybersecurity is a national security priority. They will only be secure if they incorporate cybersecurity features, principles and frameworks. In today's complex and distributed business environment, one needs to adapt to combat silent attackers that are technically savvy.
In order to achieve this, businesses will have to act quickly and develop policies and offer training on a large scale.
Cyberattacks have no borders, businesses need to adhere to a growing number and increasingly complex system of regulations and rules, such as the Protection of Personal Information Act 4 of 2013 (POPIA) and the General Data Protection Regulations (GDPR).
Whilst trying to comply with all these complex legislations, rules and regulations, companies still have to defend and protect against cyberattacks. Although these are essential, they can also be costly and create fragmented and conflicting priorities.
Policymakers need to understand that various regulations have similar intent and that various policies add complexity. It makes it difficult for businesses to comply with all rules and regulations, adding more complexity to cybersecurity and data protection. Policies must help increase protection but also reduce regulatory complexity.
IDC predicts that by 2025 there will about 55 billion connected devices worldwide, 75 percent of which will be connected to an IoT platform. Business leaders need to understand that they operate in an ecosystem that is more extensive and less certain than they may think.
Any ecosystem is only as strong as its weakest link. The fact that there are only a few key players in the tech space globally, provides easy access for criminals throughout the digital supply chain.
Business leaders need to realise the breadth of their exposure and what it really means to be protected. They will have to assess the extent of their entire attack surface and their resilience to cyber threats. To ensure there is an acceptable level of visibility and understanding of digital assets, one requires a cross-collaborative and inclusive process involving teams from various business units.
Ransomware is growing at an alarming rate, businesses must have preventative measures for ransomware or any other cyber-attacks. They need to be prepared for the worst, make sure there is always continuity of operations. Data needs to backed-up correctly for any disruptions to computer systems, and key staff need to be trained with a realistic cyber response plan.
Businesses that have a cybersecurity plan and improve their cybersecurity infrastructure, are more likely to be successful. Rather than considering cybersecurity as a liability, they view it as an enabler to everyday operations.
To take advantage of the promises of digitalisation, businesses will have to increase their focus on cybersecurity. Cybersecurity must by default be part of every business security decision and it should include a proactive plan to establish a cybersecurity workforce. Cybersecurity expertise is scarce, businesses should consider cultivating these skills organically.