Cyber means serious business today

Cyber today is creating newer possibilities for businesses, with 55% of ‘high cyber mature’ organizations highlighting that Cyber gave them the confidence to experiment with new avenues. Building an organization ground up with Cyber in mind gives confidence to execute initiatives more boldly – whether driving the business, exploring digital technologies, or evaluating third-party engagements.
Tarun Kaura
  • Updated On Jul 18, 2023 at 03:57 PM IST
Read by: 100 Industry Professionals
Reader Image Read by 100 Industry Professionals
<p>Tarun Kaura, Partner and Cyber Leader, Risk Advisory, Deloitte India</p>
Tarun Kaura, Partner and Cyber Leader, Risk Advisory, Deloitte India

Technology today is creating a smarter, more unified world, where possibilities are endless.

The compounding effects of Cloud and AI on innovation, the role of immersive tech in enhancing digital experiences, or the combined power of IoT, 5G, and edge compute in real-time data processing - are all rapidly shaping our current and future realities.

Last month, India celebrated ‘National Technology Day’, themed around encouraging younger minds to innovate. As we celebrate possibilities, use cases, and the need for innovation, oftentimes, security considerations get overlooked, because of the common misconception of being a roadblock.

Advt
But, what if, cybersecurity was the enabler, that could make technology reliable, scalable, and usable?

We recently rolled out our Global Future of Cyber survey, and in our conversations with several security leaders across the country, we have, in the last couple of months, come face-to-face with certain emerging nuances in Cyber, that underscores this changing profile of cyber in organizations.

Cyber today is creating newer possibilities for businesses, with 55% of ‘high cyber mature’ organizations highlighting that Cyber gave them the confidence to experiment with new avenues.

Building an organization ground up with Cyber in mind gives confidence to execute initiatives more boldly – whether driving the business, exploring digital technologies, or evaluating third-party engagements. It helps assess both the risks and rewards while propelling the organization towards options with deeper and long-term outcomes. Imagine a cloud transformation journey that takes security into consideration the very first day – it will impact the choice of the vendor; it will compel aligning of resources and processes for a secured migration; and it will prompt robust security measures, prioritising tools for better visibility and monitoring. The result is more confidence, buy-in, and trust from stakeholders.

Building the case for Cyber is still elusive as it is still construed to be an expenditure. ‘High cyber mature’ organizations recognize that Cyber means business today. It’s an enabler and a force multiplier, that builds the business for the long-haul.

The real challenge, however, is persuading the management and the board to fully take cognizance of this so that cyber-first thinking becomes a business imperative. To address, it is important for security leaders to correlate Cyber with business and financial impact and communicate in a language that the stakeholders appreciate.

About 64% of ‘high cyber mature’ organizations use maturity assessments to guide cyber investments, and 59% use risk quantification tools to measure Return on Investment. Having a scientific approach, backed by data, also gives security leaders the confidence to ask for the right budget that can achieve the right outcomes. It empowers the CISO to look through the clutter and align resources where it matters most.

Advt
A CISO must also be a strong communicator and a business influencer, to provide the right steer to the organization, so that Cyber is leveraged as a business differentiator.

But, cyber-attacks will continue as we move towards a more complex future where technology seamlessly connects, and compounds both the positives and the negatives.

Today, language means no barrier, and social media has a defining role in spreading valuable information, misinformation, and frauds, all at the same time. Cyber criminals and hacktivists have been leveraging these platforms for both social engineering attacks and mass mobilisation. Technology will continue to proliferate, with AI and cognitive solutions transforming the way we live and operate. For example, today, there is significant enthusiasm, among the business and the creative community alike, on the possibilities of generative AI with its creation of content, know-how, and graphics.

In this age of technology and digitalization, there would be vulnerabilities, and blind-spots that cyber criminals and adversaries will continue to look out for. There could be collateral damage from hacktivism. There could be a data breach because of one wrong click by an innocent employee. So, the next time there is a management ask, you should be prepared to communicate the levels of prevention. At the same time, be bold enough to admit that no organization is fully secure, and finally, show the confidence in being able to get back on your feet with robust incident response planning and preparedness. This will require a headstrong focus on resilience and if that requires involving the board and the business in scenario planning, war-gaming, development of playbooks, and stress-testing (together with the extended enterprise), you must ask for it.

What is the winning streak?
Collaboration – Within the organization and outside, Cyber should unite all. We need cyber-savvy employees, management, organizations, and ecosystems. For Cyber to become a shared responsibility in an organization, the overall cyber quotient must be elevated, boards must become cyber champions, cyber-first actions must be acknowledged, and ownership must be established.

At the same time, bringing the outside-in view is critical –learnings from across industries and peers, sharing of threat intel, and exchanging best practices - will help organizations stay vigilant and secure.

It is vital that collaboration be leveraged as a winning strategy that empowers everyone in the value chain, to work towards a secured and resilient future.

The author is Leader-Cyber Advisory, Risk Advisory, Deloitte India

Disclaimer: The views expressed are solely of the author and ETCISO.com does not necessarily subscribe to it. ETCISO.com shall not be responsible for any damage caused to any person/organization directly or indirectly.

  • Published On Jul 13, 2023 at 02:52 PM IST
Be the first one to comment.
Comment Now

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

  • Get Realtime updates
  • Save your favourite articles
Scan to download App