Learn why cybersecurity is critical now more than ever, what it provides, and what it requires.
Our earlier post, How Cybersecurity Is Critical to Business Resiliency, stated that data is important for a variety of reasons, from marketing to operations to AI/ML, and more.
Current figures document even greater importance of data as an influential factor in businesses and economies. From 2021 to 2027, the Global Big Data and Business Analytics Market is projected to grow from $274 billion to $448 billion, a 13% CAGR. Such increasing volume of data management and analysis and the advances in technology add reasons to examine why cybersecurity is critical and how to ensure we stay ahead of cyberthreats.
Why Is Cybersecurity Critical Now…and Later?
Cybersecurity will become more critical through the 2020-2030 digital decade. The Identity Theft Resource Center (ITRC) 2021 Annual Data Breach Report states, “the overall number of data compromises (1,862) is up more than 68 percent compared to 2020. The new record number of data compromises is 23 percent over the previous all-time high (1,506) set in 2017.”
Eva Velasquez, president and CEO of ITRC, adds “There is no reason to believe the level of data compromises will suddenly decline in 2022. As organizations of all sizes struggle to defend the data they hold, it is essential that everyone practice good cyber-hygiene.”
The importance and volume of the data itself make the cyberthreats and cyber-risks more prevalent, which makes cybersecurity an increasingly critical strategic factor in businesses. The cost of data breaches like ransomware and malware reveals the financial significance of cybersecurity to a company’s strategy. Here are current indicators that these costs are increasing fast:
- Data breach costs rose 10%, from $3.86 million (2020) to $4.24 million (2021) due to four process-related activities: detection and escalation, notification, post-breach response and lost business.
- The average cost of a data breach increased by $1.07 million in 2021, largely due to remote work caused by COVID-19.
- Ransomware payments totaled $590 million in the first half of 2021,¹ easily topping the $416 million paid in all of 2020, according to the United States Department of Treasury.
Data security focuses on the data itself and access to the data to protect against unauthorized modification, destruction, and disclosure.
More inclusive, cybersecurity protects data and the systems and applications that manage data. The National Institute of Standards and Technology defines cybersecurity as “prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality and non-repudiation.”
The Allianz Risk Barometer, 2022, asked 2600 respondents to name the three risks that were their greatest concerns. 44% of the responses from all sized businesses signified cyber-incidents as the biggest concern. These included:
- Ransomware – 57%
- Data breaches – 57%
- IT vulnerability – 30%
- Digital disruptions – 30%
What Cybersecurity Provides
A cybersecurity program should increase an organization’s ability to reduce downtime to critical business functions after a cyberattack. The NIST Cybersecurity Framework sets such a strategy across five functional areas:
- Identification: itemize and justify the specific elements to be protected and why
- Protection: determine the specific protection elements needed and how to implement them
- Detection: put in place strategies and actions that detect potential cybersecurity breaches quickly and accurately
- Response: plan the communication, analysis, mitigation and improvements to apply in the event of a breach
- Recovery: construct recovery plans that include improvement contingencies and thorough communication
Effective recovery protects critical data, identifies suspicious activity and responds immediately with correction and improvement. Integrating recovery as capstone of the five components offers a company true cyber resiliency.
As a cyber or ransomware attack occurs every 11 seconds, companies must have resiliency solutions that allow recovery to a stronger, more dynamic level than before the cyber-event. 21st century business resiliency relies upon recovery.
Cybersecurity and the Workforce
International Information System Security Certification Consortium (ISC)2 issued their 2021 report that states the global cybersecurity workforce needs to grow 65% to effectively defend organizations’ critical assets. Diversity can be key to that growth.
The report estimates that only 25% of the cybersecurity workforce are women. Study respondents offered a combination of initiatives to increase diversity in their workforce.
The shortage is in both number of cybersecurity professionals and in additional skills needed by employees in place. The required upskilling spans several disciplines, such as these reported by CSO Magazine:
- Risk ID and management and threat hunting
- Technical fundamentals, interpersonal skills and business acumen
- Data management and analysis
- Development Security Operations (DevSecOps)
- Automation, cloud, AI/ML
Cybersecurity has become more than a technological concern. Because the cybersecurity professional’s role now touches disciplines throughout a business, everyone with responsibility for cybersecurity requires training that spans IT, cybersecurity frameworks, business and interpersonal skills.
Dell Technologies’ cybersecurity on-demand training package provides such training and information: from security fundamentals to IT and NIST frameworks to practical training on the Cyber Recovery solution.
To take the necessary steps toward cybersecurity for your company or knowledge and skills for your growth as a cybersecurity professional, please visit the Dell Technologies Global Data Protection Index.
1 Bloomberg: U.S. Treasury Offers Crypto Guidance Amid Ransomware Surge, October 15, 2021.