“Without trust change cannot be undertaken. Security is not (only) about technology and (only) about prevention: it is a fundamental across-the-board principle which allows people and companies to continue along the path of Digital Transformation. Digital Transformation, as well as Business Development, depend on security just like we depend on air: it’s invisible, yet without it there can be no evolution, no life”. This sentence by Igor Kranjec, Chief Security Officer of Engineering opens the White Paper which is currently being published by Engineering to explain the topic of Cybersecurity, seen as a transversal element, which embraces the company, accompanies changes and is the enabling agent of Digital Transformation.
How do we tackle the topic of security in a company?
The paper provides several suggestions, all based on the principle that security should be seen not just as a set of technologies, but also of skills, processes and structures to protect data, applications and infrastructures from unauthorized access, damage or attacks.
Entrepreneurs and managers will need to know how their company operates in order to take the necessary actions to make its boundaries more secure, and how to involve the people who work there. This is because about 90% of the attacks exploit people in order to “open a door” and investing in awareness or security awareness becomes imperative. In addition to this, of course, it will be necessary to prepare for cyber-attacks, which will certainly occur, and which must be analyzed, identified, isolated and resolved in the shortest possible time. All this whilst knowing that 100% cybersecurity does not exist, but that it can be closely achieved by means of actions planned for the short and medium-long term.
What are the 5 realities which will change the way we deal with security?
There are five trends and things that will change the way we approach the issue of cybersecurity and for these a concerted strategy is being developed at European level to increase resilience to attacks.
- An increasing amount of information needs to be gathered to improve defense
Gathering data, including from other continents, which refer to threats that are becoming more widespread, becomes increasingly strategic, even though the great quantity of intelligence data makes its management complex. On this front, the challenge can be met by deploying automation, Artificial Intelligence and the detailed knowledge of each organization’s processes and operations, aimed at improving defense.
- IoT is increasingly widespread and pervasive
The increase in the intelligence and connection of physical world objects, through the application of sensors, combined with the spread of 5G networks, leads to increasingly fluid defense perimeters, subjected to new threats. This requires a continuous update of authentication and data validation procedures and an increasing focus on protecting IoT.
- The services offered to users are increasingly centralized on platforms which provide new ways of interaction
If we think about the spread of objects that can perform actions with voice commands, simply recognize users from their face or other biometric features and interact with those in front of them in a manner which is becoming more similar to man’s, we realize how this greater fluidity and ease of access brings new risks with it. Faster, password-free authentications, which are now widespread, must be made as secure as possible.
- Companies are and will be increasingly aware of the importance of security.
Businesses have realized that exposure to Cybersecurity extends to both tangible and intangible assets and that the economic impact of cyber threats must be quantified like any other risk. This is the reason why the use of specific forms of IT insurance to limit any negative impact on the business by a possible attack is becoming widespread in Europe too.
- Digital technology is, and will be, increasingly pervasive
The economy is increasingly linked to the spread of digital tools and technologies which “filter” into all areas: from transport to school and health care, just to name a few. It will therefore be increasingly important for companies to ensure complete transparency and accountability in managing the growing amount of data and information that they collect.
“The new technological frontiers – we read in the paper – make it possible to connect everything and everyone. This transformation is driving innovation forward at an unprecedented speed, introducing improvements in the way we live and work that until recently seemed unimaginable. This new world, made up of opportunities, must however be protected and only the right mix of experience, skills and technologies will ensure a secure and controlled transformation”.