from our leaders

Managing the security challenges of digitalisation

Managing the security challenges of digitalisation
Published: 28 June 2018

Over the past few years it has become clear to businesses looking to thrive in a global economy that digital transformation is not a “nice to have” – it’s a business imperative that can ensure survival, using data that can take advantage of existing market opportunities and create new ones.

This is the word from Wayne Borcher, who adds: “In a world where the Internet of Things (IoT) is placing smart devices in homes, businesses and cities, both people and devices are coming online more than ever before. In fact, Cisco predicts that by 2021, over a million IoT devices will come online every hour of every day.

“While this may be difficult to comprehend,” Borcher says, “mitigating breaches and attacks in this arena presents a massive challenge for all businesses.

“Ransomware attacks have created what is estimated to be a billion-dollar market for attackers, growing 1000% over the past two years,” he asserts, noting that holding data to ransom is not the same as a ransomware attack; and that not all data breaches involve upfront financial gain. “Often, a breach is used to gain access to confidential company and client data that can place both the company and its clients in danger of losing information that could be used in espionage or client identity theft.”

Borcher suggests starting off a digital journey defensively, on the understanding that an attack is inevitable. “Just as burglars will find a building that offers the least security to break into, hackers will seek the databases that are easiest to gain access to – easier targets present quicker returns.”

His proposals for a defensive data security strategy include:

Start with humans: Some data breaches are “inside jobs”, so vetting staff who will be handling data is crucial. Then, your governance team must not only include data, security and risk specialists, but a system whereby no single person can access all company information at any one time without robust integrated security architecture.

Data inclusion: Legacy data and data still held in silos across a company can present an opportunity for breaches. Your digitalisation process must ensure all valuable data is counted for in the streamlined system, and unnecessary data disposed of correctly.

Agility: Data democratisation should enable the right people to access the right data at the right time, while still ensuring the highest levels of security. Encryption and end-to-end solutions are available, but in order to comply with legal requirements and mitigate damage at precisely the same time, your governance and data teams must be agile and proactive.

“By understanding the value of your data to you and to potential hackers, SSA is in the business of knowing what we are helping you to protect throughout your data journey and beyond. Importantly, your security excellence can become a competitive advantage as the threat landscape continues to grow and your organisation continues to upgrade to meet challenges.”