Combatting Cyber Security in 2014 and beyond

Rangu Salgame, Chief Executive Officer of Growth Ventures at Tata Communications, discusses the reasons why cyber security must be addressed in 2014 and beyond, filtered from the C-suite through the backbone of businesses.

  • Monday, 27th October 2014 Posted 10 years ago in by Phil Alsop

Government, businesses and consumers have all come under serious threat from cyber criminals over the last 12 months, and this looks set to continue to end of this year and beyond. Recent high profile breaches including the Russian crime ring breach, the Heartbleed bug, and the hacking of eBay's servers to name a few, have further solidified the industry concerns.


We are due to see a huge boom in the cyber insurance market, on the back of emerging standards. The market will develop to provide businesses with incentives for compliance whether that is a willingness to insure or reduce premiums.


Moreover, with many organisations adopting BYOD policies it is a concern that smartphones and tablets are also becoming even more of a target for criminals.
Couple this with the fact that there are not enough security experts to combat this rising threat and you can see why governments globally are alarmed. In fact, research and consulting firm Frost & Sullivan released a report which found that the number of security professionals globally is about 2.25 million, yet the requirement by 2015 will be 4.25 million. Moreover, cyber security is now being reclassified to a tier-one national security priority, signalling that policy makers are urging action now.


It is clear that everyone is waking up to the potential risks data breaches can cause, and the realisation that knowledge in this particular sector is limited has set in. To combat this, the UK Government Communications Headquarters (GCHQ) has recently announced the certification of six Master's degree programmes in cyber security as online attacks become an increasing concern. Minister for the Cabinet Office Francis Maude announced the accreditation of the courses when he visited GCHQ earlier this month, marking what the government is calling "another significant step in the development of the UK's knowledge, skills and capability in all fields of Cyber Security."


In today’s interconnected business environment, cyber-attacks are coming from a multitude of areas – cyber criminals (traditional hackers and hacktivists), espionage-type activities and data leakage where information is taken from an organisation and purposefully or inadvertently falls into the wrong hands.
Given this variation of attacks, all with bespoke motives, cybersecurity goes hand-in-hand with enterprise risk assessment as it can directly affect both operations and the broader brand or reputation of a company, often resulting in significant financial repercussions. What we realise is that IT security solutions alone are no longer enough. And it is with this point in mind that takes cyber security out of just an IT department’s responsibility and directly as a must-have agenda point for the boardroom table.


A key question that those around a boardroom table must understand is the motive behind potential cyber-attacks – what information do the attackers wants to glean – every company is unique. Only until this insight is understood can the right business decisions be made on the right investments to be made - a comprehensive defence system ultimately comes from an overarching strategy developed by businesses leaders and now is the time to act.


Think about how you can encourage employees to take responsibility for the protection of their own data, introducing training programmes to educate your workforce and dispel some of the myths around cyber security. Set up learning sessions to ensure employees are fully aware of the procedures they should be implementing in their day-to-day working lives when using mobile devices or transferring sensitive information. It may also be necessary to bring new talent into the organisation; today’s young people are increasingly tech-savvy and think in a much more integrated way when it comes to technology in their daily lives in and outside the office.
The underlying message here is that the threat of cyber-attacks will increase and C-suite leaders must not only brace themselves for potential hacks, but prepare their organisations fully for the possibility. Ensuring you are immune from cyber-attacks is almost impossible, but provisions can be taken to minimise the risk. We’re witnessing a whole new world of communications where the problem of cyber security can no longer sit siloed in the IT department and must be communicated throughout the organisation.