Cybersecurity score cards will differentiate businesses as online risks rise

0:00
play article
Subscribers can listen to this article
Cybersecurity score cards will differentiate businesses as online risks rise
Cybersecurity score cards will differentiate businesses as online risks rise
BUSINESS


The world’s transition to remote working and increased reliance on digital platforms pose numerous challenges for businesses, most notably heightened security risks.

As people spend more time online and access office networks from home or while on the move, an increasingly sophisticated cohort of criminals is looking to exploit the vulnerability created by this new operating model.

So how should businesses be dealing with cybersecurity? What are some of the current trends and future issues and what does success look like? These were the questions that were tackled during a recent Investec webinar.

READ: Navigating the digital data war

Attack vectors have changed now that so many people are working remotely. The most prevalent attacks we’re witnessing globally across industries are cyber extortion attacks, in which criminals try to compromise data and install ransomware.

Unsurprisingly, cybersecurity has become a discussion at boardroom level across the globe. And South African companies remain a prolific target. Research by Comparitech ranked the country 31st out of 75 in terms of cybersecurity exposure.

As these threats continue to rise, customers and partners will require assurances from the businesses they engage with that their cybersecurity measures offer sufficient protection.

Trust remains the core component in business success. Customers need to trust that their data and their finances are safe and that systems are always available to operate and transact as more engagement happens online.

And in the burgeoning digital economy, a cybersecurity scorecard will become a vital measure to determine a company’s trustworthiness.

Irrespective of the industry and what other companies are doing, it is best to work according to some form of cybersecurity framework based on a universally accepted standard

Cybersecurity scorecards use publicly available information collected from the internet to offer a holistic view of a company’s security capabilities and effectiveness.

From a business differentiation perspective, cybersecurity scorecards offer a visible representation of a business’s security measures. And if scorecards became mandatory, they would act as a tangible measure to rate and compare financial service providers such as banks.

While a few companies globally already produce cybersecurity scores, I believe that a standardised scoring system applied across industries would help make entire sectors more secure.

Speaking on the panel, Cisco technical solutions architect Greg Griessel said: “Irrespective of the industry and what other companies are doing, it is best to work according to some form of cybersecurity framework based on a universally accepted standard. That sets the baseline for what you do beyond that.”

I think it’s critically important that the banking sector takes the lead on this. At present, the industry tends to respond reactively to regulations and compliance.

However, an additional incentive, like the ability to attract and retain new customers, would accelerate the adoption of advanced cybersecurity solutions. This would benefit the industry and the customer, given the evolving risk landscape.

Experts predict that, even once the pandemic is over, cybercrime’s impact will only grow in magnitude as the world transitions to a digitised future amid the fourth industrial revolution.

READ: Our digital footprint generates enormous value, but too much of it ends up in Big Tech silos

According to cybercrime researcher Cybersecurity Ventures, global cybercrime costs will grow by 15% year-on-year to reach $10.5 trillion (R150 trillion) annually by 2025, up from $3 trillion in 2015.

We will increasingly see scripting-based automated attacks, while artificial intelligence and quantum computing attacks pose significant future threats and will change the game altogether.

Businesses will need to automate their defences to respond because you can’t manually defend against automated attacks.

While attacks with this level of sophistication are still some way off, businesses must start building quantum-resilient encryption today; cybersecurity scorecards could proactively advance this agenda.

Pioneering industry-wide cybersecurity scorecard adoption in Africa would also advance digital competencies on the continent and help local businesses compete in the global marketplace.

The opportunity for Africa is to learn from others and leapfrog more developed economies as companies sweat sunk investments in older technologies. Cloud-based solutions offer significant opportunities in this regard.

Young is the global chief information security officer for the Investec Group, where he crafts and executes the global security strategy and provides assurance to the various Investec boards and executives


facebook
twitter
linkedin
instagram

Delivering the 

news you need

+27 11 713 9001
news@citypress.co.za
www.citypress.co.za
69 Kingsway Rd, Auckland Park

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24

E-Editions

Read the digital editions of City Press here.
Read now
Voting Booth
ANC secretary-general Ace Magashule has written a letter suspending party president Cyril Ramaphosa in apparent retaliation after he was served with a letter of suspension on Wednesday.
Please select an option Oops! Something went wrong, please try again later.
Results
He doesn't have the power
34% - 97 votes
It’s a declaration of war
24% - 68 votes
Nothing but a distraction
41% - 117 votes
Vote