Keeping up with the struggle for cybersecurity

If it has not already, cybersecurity will become an integral part of doing business in the future. With how much companies today rely on data as the lifeblood of their growth and innovation, the importance of the protection of said data from malicious actors is self-evident.

Fortunately, many leaders and executives are keeping up. According to multinational professional services firm PricewaterhouseCoopers’ 2023 Global Digital Trust Insights, chief information security officers and their teams are stepping up to improve their cybersecurity. More than 70% of 3,522 respondents observed improvements in cybersecurity in the past year — thanks to cumulative investments and C-suite collaboration.

Two-thirds of executives consider cybercrime their most significant threat in the coming year, according to the report, as cybercriminals are becoming increasingly proficient at using off-the-shelf tools to perpetrate and orchestrate a variety of attacks.

Technological research and consulting firm Gartner, in their Top Cybersecurity Predictions for 2021-2022, highlighted the importance of such a mindset.

“Security and risk management has become a board-level issue for organizations. The number and sophistication of security breaches is rising, spurring increased legislation to protect consumers and putting security at the forefront of business decisions,” Gartner wrote.

The firm predicted that by the end of 2023, modern privacy laws will cover the personal information of 75% of the world’s population, following the example of the General Data Protection Regulation set forward by the European Union. Countries like Brazil have already done so, with their own General Personal Data Protection Law. There is also California’s recent Consumer Privacy Act (CCPA).

“The sheer scope of these laws suggests you’ll be managing multiple data protection legislation in various jurisdictions, and customers will want to know what kind of data you’re collecting and how it’s being used. It also means you’ll need to focus on automating your privacy management system. Standardize security operations using GDPR as a base, and then adjust for individual jurisdictions,” Gartner wrote.

Such legislation will serve to encourage and even empower companies to enact their own countermeasures against cybercrime, such as the implementation of new cybersecurity mesh architecture that can reduce the financial impact of security incidents.

Building on this scenario, Gartner also predicts that around a third of enterprises will adopt cloud-delivered Secure Web Gateway (SWG), Cloud Access Security Brokers (CASB), Zero Trust Network Access (ZTNA) and Firewall As A Service (FWaaS) capabilities from the same vendor by 2024.

“Organizations are leaning into optimization and consolidation. Security leaders often manage dozens of tools, but they plan to consolidate to fewer than 10. SaaS will become a preferred delivery method, and consolidation will impact adoption timeframes for hardware,” the company explained.

Furthermore, Gartner expects to see as much as 60% of organizations using cybersecurity risk as a primary determinant in conducting third-party transactions and business engagements by 2025.

“Investors, especially venture capitalists, are using cybersecurity risk as a key factor in assessing opportunities. Increasingly, organizations look to cybersecurity risk during business deals, including mergers and acquisitions, and vendor contracts. The result is more requests for data about a partner’s cybersecurity program via questionnaires or security ratings.”

Cybersecurity is an ever-evolving field, and one in which businesses cannot afford to be left behind. Technological advancement will continue to harness the power of data far into the future, and the sooner one adopts a careful, security-minded approach to handling that data, the easier it will be to use it to one’s advantage. — Bjorn Biel M. Beltran