Covid-19, globally, heralded in a new era for companies, prompting personnel to work for employers from convenient and safe locations, unlike the pre-pandemic scenario, which primarily witnessed a geographically centralized workforce. This is what we term as an ‘Omni-Present workplace’. American tech-savvy corporates have observed October as a month of Cybersecurity Awareness for close to two decades now, and have undertaken initiatives of spreading awareness on the quintessential role played by cybersecurity and equipping citizens across USA with knowledge and resources that make them safer and more secure in their online presence. 2021 sees this month taking on a whole new and different meaning, in the light of FBI’s revelation in its Internet Crime Report, that a whopping number of 7,91,790 cybersecurity complaints were registered in the year 2020!
Courtesy of digital evolution, 2021 will see a global IT expenditure worth $4.2 trillion, an increase of almost 9% compared to last year, and raising concerns from stakeholders in the top management of companies. IT and Digital Transformation, too, has its share of risks and challenges, thereby, calling for increasingly protected networks, with a view to secure the normal functioning of businesses. Decision-makers are now responsible for not just adhering to budgets, but also securing the overall well-being of their organizations. In an effort to achieve this all-important goal, companies will need to communicate effectively with geographically-spread employees how to safe-guard critical corporate data. All this, towards the end of staying competitive and efficient in a challenging business environment.
It is time cybersecurity be accorded year-long strategic importance by means of championing three causes:
Incorporating Cybersecurity into Corporate Culture
Mundane tasks of ensuring IT security like password protection, software stack or one-off employee training initiatives paves the way for a holistic approach that would weave cybersecurity into the corporate culture, per se. This means putting in place a cybersecurity policy focusing on transforming employee attitudes and behaviours, thereby, stimulating change among the overall ecosystem of a company’s stakeholders. All this can be possible only with training, a well-defined organizational policy and finally, yet most importantly, firmly imbibed organizational values. Internal communication will gain more importance, as companies look to make employees proactive rather than just reactive towards security protocols and data protection. Top managements will have to ensure that IT and HR teams become partners like never before, to achieve the end result of a knowledgeable pool of workers and smoothly, safely functioning business.
Cyber Hygiene, the Cornerstone
Cyber-attacks can be effectively circumvented with cyber hygiene, which are important measures implemented for the proper maintenance and well-being of all software and electronic devices. This will entail that mundane tasks and tactical measures of software updates and patches be practiced by executives on a regular basis, to ensure businesses are protected from being vulnerable to phishing attacks, ransomware and malware.
Information Security and Technology Officers will have to work in tandem to redefine technology, systems and processes that unify operations and security teams to have a holistic, unified view of all devices on the network, immaterial of their respective locations. The perfect system is one that is not vulnerable to external attacks and is equipped with checks and balances that ensure cyber hygiene.
Bigger Role for the IT Department
We all, without any doubt, will admit that IT teams are superheroes in the face of Covid-19, since they are managing large-sized, globally-spread teams that experienced technical snags while working remotely; expediting digital transformation initiatives that would have otherwise taken years to accomplish. IT teams played a crucial role in ensuring smooth functioning of their businesses, regardless of the industry vertical. They are tasked with the responsibility of keeping businesses transparent and employees or customers connected.
The onus is now on leadership teams to acknowledge their capabilities and strategic as well as critical importance, from a futuristic perspective. Rather than being limiting to tactical tasks, the IT department can contribute to higher-value initiatives that drive impact and add value to the company’s revenues. The newer roles will include assessing and managing the right security technology – Artificial Intelligence, managing the Cloud, etc., to put into effect major workplace efficiencies or even improvising on employee or customer experience securely.
Time has come to go beyond celebrating October as a month dedicated to cybersecurity awareness, by engaging in year-long, continuous and well-planned IT activities and discussions. Vested interests in harming an organization will never cease to exist, in addition to the challenges and complexities spelt by the pandemic, which is here to stay. It is for the organization to protect its widely-distributed workforce and customers, who increasingly use technology.
(The author Nagesh Ayyagarim, VP Engineering, Ivanti and the views expressed in this article are his own)