Cybersecurity: The Increasing Urgency to Business Resiliency

Learn why cybersecurity is critical now more than ever, what it provides, and what it requires.

Learn why cybersecurity is critical now more than ever, what it provides, and what it requires.

Our earlier post, How Cybersecurity Is Critical to Business Resiliency, stated that data is important for a variety of reasons, from marketing to operations to AI/ML, and more.

Current figures document even greater importance of data as an influential factor in businesses and economies. From 2021 to 2027, the Global Big Data and Business Analytics Market is projected to grow from $274 billion to $448 billion, a 13% CAGR. Such increasing volume of data management and analysis and the advances in technology add reasons to examine why cybersecurity is critical and how to ensure we stay ahead of cyberthreats.

Why Is Cybersecurity Critical Now…and Later?

Cybersecurity will become more critical through the 2020-2030 digital decade. The Identity Theft Resource Center (ITRC) 2021 Annual Data Breach Report states, “the overall number of data compromises (1,862) is up more than 68 percent compared to 2020. The new record number of data compromises is 23 percent over the previous all-time high (1,506) set in 2017.”

Eva Velasquez, president and CEO of ITRC, adds “There is no reason to believe the level of data compromises will suddenly decline in 2022. As organizations of all sizes struggle to defend the data they hold, it is essential that everyone practice good cyber-hygiene.”

The importance and volume of the data itself make the cyberthreats and cyber-risks more prevalent, which makes cybersecurity an increasingly critical strategic factor in businesses. The cost of data breaches like ransomware and malware reveals the financial significance of cybersecurity to a company’s strategy. Here are current indicators that these costs are increasing fast:

Data security focuses on the data itself and access to the data to protect against unauthorized modification, destruction, and disclosure.

More inclusive, cybersecurity protects data and the systems and applications that manage data. The National Institute of Standards and Technology defines cybersecurity as “prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality and non-repudiation.”

The Allianz Risk Barometer, 2022, asked 2600 respondents to name the three risks that were their greatest concerns. 44% of the responses from all sized businesses signified cyber-incidents as the biggest concern. These included:

    • Ransomware – 57%
    • Data breaches – 57%
    • IT vulnerability – 30%
    • Digital disruptions – 30%

What Cybersecurity Provides

A cybersecurity program should increase an organization’s ability to reduce downtime to critical business functions after a cyberattack. The NIST Cybersecurity Framework sets such a strategy across five functional areas:

    1. Identification: itemize and justify the specific elements to be protected and why
    2. Protection: determine the specific protection elements needed and how to implement them
    3. Detection: put in place strategies and actions that detect potential cybersecurity breaches quickly and accurately
    4. Response: plan the communication, analysis, mitigation and improvements to apply in the event of a breach
    5. Recovery: construct recovery plans that include improvement contingencies and thorough communication

Effective recovery protects critical data, identifies suspicious activity and responds immediately with correction and improvement. Integrating recovery as capstone of the five components offers a company true cyber resiliency.

As a cyber or ransomware attack occurs every 11 seconds, companies must have resiliency solutions that allow recovery to a stronger, more dynamic level than before the cyber-event. 21st century business resiliency relies upon recovery.

Cybersecurity and the Workforce

International Information System Security Certification Consortium (ISC)2 issued their 2021 report that states the global cybersecurity workforce needs to grow 65% to effectively defend organizations’ critical assets. Diversity can be key to that growth.

The report estimates that only 25% of the cybersecurity workforce are women. Study respondents offered a combination of initiatives to increase diversity in their workforce.

Graphic indicating poll responses on how cybersecurity professional workforces can diversify.

The shortage is in both number of cybersecurity professionals and in additional skills needed by employees in place. The required upskilling spans several disciplines, such as these reported by CSO Magazine:

    • Risk ID and management and threat hunting
    • Technical fundamentals, interpersonal skills and business acumen
    • Data management and analysis
    • Development Security Operations (DevSecOps)
    • Automation, cloud, AI/ML

Cybersecurity has become more than a technological concern. Because the cybersecurity professional’s role now touches disciplines throughout a business, everyone with responsibility for cybersecurity requires training that spans IT, cybersecurity frameworks, business and interpersonal skills.

Dell Technologies’ cybersecurity on-demand training package provides such training and information: from security fundamentals to IT and NIST frameworks to practical training on the Cyber Recovery solution.

To take the necessary steps toward cybersecurity for your company or knowledge and skills for your growth as a cybersecurity professional, please visit the Dell Technologies Global Data Protection Index.

1 Bloomberg: U.S. Treasury Offers Crypto Guidance Amid Ransomware Surge, October 15, 2021.

TIm Wright

About the Author: Tim Wright

Tim Wright’s entire career at Dell has been in an education and learning communications role. He has developed and facilitated professional skills courses, facilitated leadership development courses, written internal and external blog posts, among other assignments. Currently, Tim serves the Education Services organization with internal and external communications responsibilities. Tim’s career has focused entirely on learning and education, from teaching in middle school through long-term assignments in the telecommunications, healthcare, and information industries. He earned his BA (English) at Washington & Lee University and his MBA (Business) at New York University.