This podcast was recorded in late 2020.
The innovation and creativity we have seen from organisations during the pandemic has been wonderful. A Mercer study in March found 92 per cent of companies had planned work-from-home scenarios in the event of office closures.
Adopting transformative technology has been a gamechanger for many organisations as they kept themselves afloat during the height of the pandemic. Much of this innovation has been encouraged by the unprecedented interconnectivity established in this time – and it is critical we keep these connections safe in order to continue to benefit from it.
As technology grows, it can often become more complicated, and this can have an exponential impact in large organisations. Sometimes keeping those complicated environments safe can be difficult, as there is more data to protect, more points of interaction to secure, and more people involved in the process.
It's really important we put in place the cybersecurity necessary to protect this connectivity, because if people lost confidence in it, it could have very damaging consequences. Every part of every organisation must understand what they need to do to make the most of these post-COVID digital opportunities.
For leaders of organisations, it’s important to understand cybercrime is big business. There are estimates cybercrime will cost organisations and individuals worldwide $US6 trillion by the end of fiscal 2021. That’s a significant amount of money.
That is in addition to the repair costs for impacted businesses, with the average cost of a data breach for businesses is $US3.9 million.
The truth is, with the capability available to anyone in the modern world it is relatively easy to attempt cybercrime. The ease at which unsophisticated actors can acquire the right tools is almost scary. Capabilities previously only available to nation states are now accessible to ordinary criminals, and very cheaply.
A critical factor for business to remember is the pace at which vulnerabilities are now exploited. We used to have weeks, sometimes months, between a new vulnerability being discovered and being exploited. These days it's minutes. Being able to secure systems quickly - effectively automatically - is very important.
Continued software maintenance is critical. Things like ensuring software is patched, updates occur automatically and vulnerable areas are protected are important first steps. Often large organisations will have a way of assessing which patches are critical, how fast they should they be applied and which systems should get them fastest.
Having backup systems is also important, as well as ensuring hardware is modern and has the latest firmware and software. Businesses should also have some sort of segmentation and user-access management in place so they you control access to different systems or different parts of their networks.
Data has also become a critical currency for business, and keeping that safe is also an increasing priority. Used correctly, data can help businesses understand what customers need and keeping that data secure is critical for both businesses and clients.
But as a side effect, data is also very valuable to those who should not have access to it. Criminals have recognised that stealing information, - particularly identity information – is lucrative. Just as the data opportunity rises, so too does the challenge of securing, protecting and safely sharing that data, for businesses and our customers.
The cloud is also growing in importance. Cloud computing is allowing many organisations to modernise and makes it easier for them to operate, while keeping systems up to date and more secure. This opportunity has accelerated during COVID when rapid and secure take-up of new and innovative technology has been critical to continued operation.
Even today there is a misconception cloud computing inevitably comes with a lot of security risks, but this is not the case. Done properly, cloud has the opportunity to enable improved security, while also making use of the latest technical advances like machine learning, artificial intelligence, and other capabilities. This can help our security defences keep pace with the significantly increasing threat environment.
There’s so much new technology available now, coming at us at pace that really makes a significant difference to how the world operates. We need to move just as fast to protect it, enable it, embrace it and reap the rewards.
Lynwen Connick is Chief Information Security Officer at ANZ