Michel Nader, Sr. Regional Director – Data Protection Solutions – MERAT, Dell Technologies
In today’s always-on, always-connected economy, businesses are under pressure to
enhance their cybersecurity strategy and prove to their customers that data protection is
critical to their customer engagement strategy. Furthermore, as the world economy
continues to digitise operations, supply chains, business transactions, and employee and
customer services, cyberattacks are expected to continue to pose as one of the major
threats to the world.
The World Economic Forum’s Global Risks Report 2020 ranks cyber-attacks as the second risk of greatest concern to businesses in the coming decade. As the tools of the Darknet become more sophisticated and accessible, cyber-attacks are increasingly borderless – taking advantage of jurisdictional constraints of regional authorities. In cyber-security, new threats and vulnerabilities appear at break-neck speed, so, as new technologies create opportunities to innovate, we’re seeing more large-scale data loss and the rise of ransomware attacks – so business resiliency planning is key to survival.
Why businesses must act
Reacting in real-time to a cyber-attack is already too late. Managing the risk requires agility, meticulous alignment across the business and testing to maintain awareness – it’s about being proactive rather than reactive. Cyber resilience is more important than ever as medium-sized businesses assess their risk of being attacked, whether at the hands of criminals or as collateral damage in cyber warfare.
Any data loss can put the nails in the coffin for unprepared businesses. While today’s business leaders may hope to evade the hit-list, it is a matter of ‘when not if’. According to the Dell Technologies- Institute for the Future (IFTF) ‘Realising 2030 Study’, 4,600 business leaders around the world ranked security and data privacy concerns as the most pressing barrier to successful digital transformation. 51% of them admitted that they have ineffective cyber-security measures in place while 59% believe their workforce aren’t sufficiently security savvy.
It is also interesting to note that in the Middle East specifically, the growing proliferation of IoT devices is creating massive security gaps that are enabling cyber criminals to double the number of data breaches and identity thefts every year. The reason being: as more organizations pursue digital transformation initiatives, they’re encountering new, complex risks that are expanding their attack surface. So, as IoT and AI enabled machines continue to be integrated into businesses, it is critical to ensure that these networked devices remain safe and secure.
Defending against catastrophic data loss
The data era is changing how organizations think about, monetize and protect data. Data is now an asset for most companies. The Dell Technologies Data Protection Index found that 86% of IT decision makers in the UAE see the potential value that data holds, but despite this risk, organizations have limited confidence in their data protection solutions, with 88% citing that their current data protection solution will not enable them to meet future business challenges.
Protecting a huge portfolio of assets is not easy, especially as it expands. But every business must understand what its DNA is – that’s the critical 10-15 percent of data that must be protected at all costs. Defending a business from the worst-case scenario, mission-critical data loss, requires cyber security expertise and a holistic approach to resilience. Awareness needs to be built across the business – this is not just a tech problem. Synergy between technology and business processes is where true resiliency is attained. Leaning on cyber experts when it comes to planning and implementation will help businesses to identify key applications, recovery times and objectives.
Every arm of the business needs to understand where their most sensitive data and
services sit and the level of risk around them. To understand the level of risk an agile
approach is needed, because risk changes along with the business landscape. For this
reason, regular scans and analysis of the internal landscape are essential to understand
these changes and the impact.
For some, this can often lead to analysis paralysis – the desire to save it all. In the same
way that we would only carry our most essential belongings from a burning home,
businesses must decide upon their most prized data so that it can be protected and used to
recover the business in the aftermath.
The good news is, this process can be simplified by data protection and cyber-security
services that enable organizations to establish policy-driven automated workflows to move
business critical data into an isolated environment and lock it down in less than five steps.
This is called a cyber-vault, the ultimate protection for a business’ DNA. In the event of an attack, this data will help businesses to recover. When responding to cyber incidents and
working to bring critical systems and data back online, accuracy and simplicity matter. A cyber recovery plan must be fully integrated within the business and align with its cloud
strategy over the following five years.
The other way to be better prepared is to simplify the data landscape and make data
available and protected from edge to core to multi-cloud, while protecting heterogeneous
environments through superior risk reduction and advanced security solutions.
The speed of innovation has opened the world to new opportunities but has also become a
Pandora’s box of risk. It’s important to remember that whatever threat trends proliferate,
business leaders cannot overlook the role security and risk management play in their
overall strategy. By not recognizing security as a potential business inhibitor, organizations
open themselves to blind spots and vulnerabilities that can cause severe financial losses
and reputation risks.
Looking ahead in 2020, all businesses need to be thinking like this and not assuming that
simply having the right tools in place will automatically make the organization immune to a
targeted, complex attack. The right security posture will require an adequate amount of
support from the C-Suite and an investment in people and processes that help make the
tools more effective. The best way to succeed in the age of digital transformation is truly
invest in cyber resilience in order to shore up the gaps in this ever-changing environment.