Cyber Security Needs To Go Up The Boardroom Agenda

Cyber Security

Countless cyberattacks have shown us that an incident can have catastrophic consequences. For a business, this can lead not just to the loss of data, but also to expensive and time-consuming production delays, and, in the worst-case scenario, an entire business shutting down with a serious impact on the brand and its reputation. Every month we see increasingly sophisticated attacks that highlight just how vulnerable companies and governments are in the face of these new threats. 

Time For Businesses To Wake Up 

It’s unrealistic to think that we can put an end to cyberattacks, so it becomes necessary for companies to take strategic action themselves, get off the sidelines and invest in solutions that will protect them if the inevitable occurs.  Of course, for many organisations, cybersecurity represents a cost – technological, human, or organisational – and that means that investment is all too often put on the back burner. According to recent research by the Ponemon Institute, less than 41% of UK organisations believe they have the right security technologies to adequately protect information assets and IT infrastructure.

Inevitably, implementing security safeguards does come at a price. But in the same way that we take out insurance to protect ourselves against risks to our property, we should be mitigating the risks to our businesses from cyber criminals. The most effective way to do this is by positioning cybersecurity as a strategic area of governance in which the technological and organisational effects of an attack are taken into consideration and given priority. 

Because of the seriousness of the situation, we are now beginning to see the emergence of laws that force companies to step up their cybersecurity practices. If organisations want to prevent these laws from becoming more onerous, they will need to take responsibility for ensuring stringent measures are put in place. The importance of this means that the issue has to escalate out of the IT department, becoming top of the agenda in the boardroom, particularly when it comes to investing in the necessary precautions.

Shift In Direction 

What makes the rise in cybercrime even more difficult to deal with is that hackers have become so emboldened as to deliberately court attention for their attacks within the security community. This approach flies in the face of the usual APT (Advance Persistent Threat) attack, whose primary objective is to remain hidden as long as possible. Mainly, these massive new attacks aim to expose vulnerabilities on a large scale for maximum visibility, although some are more likely to be the attempt of a hacker to test a company’s defences. Make no mistake: this is just the beginning, and these threats are going to become increasingly virulent and dangerous.  

Everyone On Board For The Greater Good 

Cybersecurity is, therefore, everyone’s concern. The growing number of high-profile attacks in recent months needs to be on everyone’s radar. And they should be aware of the major repercussions for companies that do not take the necessary precautions to protect themselves. 

Finally, beyond ensuring their own data is secured, it is imperative for companies to consider their entire ecosystem of employees, partners and customers. As the line between people’s personal and professional lives becomes increasingly blurred, so companies are, by default, becoming responsible for providing digital protection for their employees and customers. If everyone recognises their role and takes action, there is a chance we can avoid the worst and create a secure digital space where we can all thrive.

Pierre Calais

Pierre Calais is Chief Executive Officer at Stormshield. He is a scientist and engineer by training and held a number of engineering roles before turning towards management and services. He was in senior positions at NetSecureOne, Netasq and Netasq-Arkoon before being named CEO of Stormshield in 2015.