We often hear phrases like Experience Economy, Sharing Economy and Collaborative Economy, important economic drivers in the digital world.
The common underlying thread here is that of Connections:
- That many connections must exist in order for the new market economics to thrive and grow;
- That these connections must be seamless, frictionless and always-on to meet users basic expectations;
- That we need to connect billions of sensors, millions of devices, thousands of business networks, all enabled by eco-systems of technologies, old and new.
In this respect, the “born-digital” companies have a distinct advantage. They are using modern software and infrastructure that is much more resistant to threats.
It’s the companies born of previous eras — with a combination of older systems, out-of-support software, multiple physical locations and diverse age range of employees — that are at most risk from cyber attack. These companies are trying to make the modern types of connections that they were never originally designed for.
These connections cause cracks to appear. The more connections, the wider the cracks.
At CSC we focus on helping these companies manage these threats.
You’ll find that it’s often not in the areas that you expect vulnerability or a penetration. For instance, in the Target example last year, an older, but still very common, version of Microsoft Word, combined with email phishing via one of the company’s suppliers to enable a hacker to penetrate their fortress walls.
Recently, I was privileged to wrap up the “Digital Bytes” event hosted by CEDA (Committee for Economic Development of Australia). The topic was Cybersecurity as an Economic Driver, with keynotes from Steve Glynn, chief information security officer of ANZ Bank, and Mike Burgess, chief information security officer, Telstra.
Some of the key points I took note of in Steve Glynn’s speech were:
- Cybersecurity and technology is the No. 1 rated issue by your customers and the community.
- Complexity is the cybersecurity killer.
- Where is the perimeter? It’s now a people perimeter OR human firewall. So it’s critical to create a cyber-safe culture.
- How do you know when you’ve been attacked?
- The bad guys collaborate, so why don’t we? Collaboration beyond organisational walls is critical.
Mike Burgess shared important views, including:
- We are only scratching the surface of connectivity, and its impact on our economy.
- Technology means that crime, protest, activism will happen at an accelerated pace, scale and reach.
- How we respond will impact our economy. Australia can be a safer place, and by doing this, we can create more diversity to our economy.
- Cyber security is not an IT problem. It’s everyone’s responsibility.
- Never waste a good cyber attack. Use the misfortune of others to create scenarios for your own business to develop a response. Simply relying on good compliance or spending a lot of money, does not equal good security. It requires a whole-of-business approach
Taking the journey to digital is a necessity for all of us if we are to remain relevant, build sustainable businesses and, collectively, create a sustainable economy. But it’s no longer good enough for cybersecurity to be the responsibility of IT. It requires active involvement from the Board and the entire executive leadership team, to manage your company’s response the cyber threats.
A safe business and a safe country will create a vibrant economy.
I would like to end on a quote that both Steve and Mike shared at the event:
“It’s not a question of if, but when you will get attacked. It’s how you detect, respond and recover that matters most.”
Is your company’s leadership board involved in cybersecurity decisions?