Businesses must meet cyber security threats head-on

| June 27, 2017

Australia’s business world faces the challenge of evolving and innovating while remaining tied to traditional legacy technologies and systems. To stay ahead of the curve, we must balance new innovations and technologies with ever-increasing digital threats.

In the finance and technology landscape especially, there is no denying that we have seen significant market disruption. As businesses navigate today’s complex digital terrain, there are many challenges that senior leaders need to consider, including:

  • The rising power of the consumer. These days, consumers can readily change service providers who aren’t meeting their expectations. This places even more pressure on companies to ensure top-class customer service and a secure experience.
  • Ageing IT and technology core systems. Financial services organisations have had to grapple over the last few years with ageing and legacy core systems and a proliferation of more cyber-sensitive technology platforms.
  • An increasingly complex regulatory and compliance environment. Today’s environment has constant challenges and demands which bring consistent pressures and uncertainty into the mix of operational effectiveness. Where complexity exists, security becomes more of a concern.

Although cyber security has been talked about for many years now, in today’s fast- growing digital economy, it’s become a top business priority. Security is no longer an IT ‘thing’, but a core organisational and cultural concern for modern businesses.

Here are my top 5 considerations for meeting cyber security threats head-on in the digital age:

  1. Security is a strategic business differentiator. As customers expect more and more from the companies they deal with, customers want certainty that their data is being kept safe by their banking or financial institution. 

With criminal and dark web ransomware technologies on the rise, there is a sense of urgency for organisations to combat these breaches by investing in sufficient barriers against attacks. Artificial Intelligence (AI) solutions are emerging combatants that can help prevent cyber-attacks and data security breaches.

  1. Organisations need to build a cultural awareness around cyber security. Most cyber-attacks and exploits can be avoided by developing the right organisational culture. From boards to management to general employees, a broad awareness of the implications of security malpractice is an enterprise-wide concern.

Currently, jurisdictional legislation is not equipped to deal with the borderless nature of cyber-attacks, so there needs to be a focus on raising the bar both locally and globally.

  1. Digital identities don’t always deliver a safe security solution. Exploitation from cyber criminals is on the rise. A systematic approach to cyber security is needed, which many are identifying as a combination of identity, device, location and threat in attributes in an integrated platform.

 A combination of these attributes will in the future form the basis for a true digital identity. By building a digital identity graph with these layers, recognised and trusted behaviour patterns can be established to better determine genuine interactions.

  1. The answers are still to come. Frustrations around the current outdated username and password methods – coupled with recent breaches that were experienced with several large institutions – are raising questions around how these authentication methods could be improved.

Fortunately, newer authentication methods are available and mandatory breach disclosure legislation is being implemented. These improvements will help to expose breach sources, drive innovation and create broader industry awareness.

  1. Collaboration will help to combat security threats. Moving forward, it’s become essential for organisations to provide a safer network across the enterprise.

The public and private sectors need to work together and establish links for the benefit of regional businesses in particular, as smaller companies often don’t have the ability or resources to build a security department internally.