• About
  • Subscribe
  • Contact
Friday, May 9, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology Security

Updating cybersecurity awareness for the digital present

Allan Tan by Allan Tan
September 30, 2022
Updating cybersecurity awareness for the digital present

Updating cybersecurity awareness for the digital present

This October 2022 is Cybersecurity Awareness Month. What started as a US initiative to create awareness about safe practices online has expanded into a global effort.

Photo by Saksham Choudhary from Pexels: https://www.pexels.com/photo/man-holding-laptop-computer-with-both-hands-2036656/

According to wearesocial, 62.5% of the global population has gone online at the start of 2022. The report noted that ongoing restrictions because of the COVID-19 pandemic, and the difficulty of research and reporting on trends, may mean the figures could be higher.

At US$6 trillion in losses, cybercrime has become more profitable than the entire global trade in illegal drugs, according to Bain & Company. Regrettably, the firm says 25% or fewer companies follow basic cybersecurity best practices.

“It’s imperative that C-suite leaders champion a cybersecurity strategy that is robust enough to repel the vast majority of attacks, and ensures the organization is resilient enough to quickly recover from any that succeed.”

Bain & Company

Not enough lessons to go around?

Hacking may have started as early as the 1960s at universities in the US that housed mainframes – presumably by curious hackers and those looking to improve existing systems by making them work more quickly or efficiently.

Cybersecurity began in 1972 as a research project on The Advanced Research Projects Agency Network (ARPANET), the precursor to the internet. Cybersecurity, as a practice, traces its roots to 1987 when commercial antivirus programs came to market.

Since then, the escalation of cyberattacks and solutions to fix the gaps have only led to continuing frustrations on the part of victims – individuals and corporations – that continue to pay the consequences of being connected.

When asked why we continued to be handicapped by these attacks, Phillip Ivancic, APAC head of solutions strategy at Synopsys, says blames it on the complexity and difficulty to achieve security at scale.

Phillip Ivancic

“Furthermore, put simply, there is a profit motive for attackers, so they are incentivized to keep innovating their attack techniques.”

Phillip Ivancic

“Most CIOs now understand that applications and application security is a priority and underpins digital transformation. They recognize the need to fix vulnerabilities as early as possible in the development cycle and to have a “Software Bill of Materials” so that each component of their applications,” he elaborated.

For Darrin Reynolds, chief information security officer at Edgio, the low awareness among individuals and organisations lead to dangerous cybersecurity practices and with too many security leaders today falling for the seduction of the exception rather than the discipline of the essential,

“The sheer number of devices alongside the democratisation of cyber-attack techniques has meant that the effort-reward ratio has never been more favourable for attackers,” he added.

SailPoint’s senior vice president for Asia-Pacific, Chern-Yue Boey, concludes that ultimately, as technology grows more pervasive, cyber actors too will opportunistically evolve their strategies to maximise the expanded threat surface.

“Rather than react retrospectively, business leaders will be wise to stay ahead of cyber threats by pre-emptively shoring up on their defence arsenal and employing intelligent solutions that can outsmart cyber attackers,” he advised.

Who is in charge – CIO or CISO

Not all organisations have a dedicated Chief Information Security Officer (CISO). First introduced in 1995, the Chief Information Security Officer (CISO) role was designed as a response to the ever-increasing need to maintain the security of information and operations contained within the internal technology infrastructures upon which corporations relied.

However, given that the Chief Information Officer is the custodian of an organisation’s information technology infrastructure, he or she has natural accountability for the security of the organisation as well.

So is cybersecurity a CIO or CISO role?

Ivancic believes it’s a joint responsibility: the CISO has domain expertise, but CIOs are driving digital transformation strategy.

Boey says the digital age calls for a redefinition of the CIO-CISO relationship – especially when tackling the responsibility of helming the cybersecurity charge. With more enterprises accelerating their digital transformation journeys, thereby interconnecting their business itself with the digital domain – safeguarding the business IT ecosystem becomes central to safeguarding their success.

Chern-Yue Boey

“CIOs would then be prudent to work concertedly with CISOs to ensure efforts to digitally transform their business do not also compromise the overall cybersecurity of the firm. Enforcing an undergirding security framework can help CIOs and CISOs build on a strong basepoint as they scale digital efforts."

Chern-Yue Boey

Reynolds says organisations are learning to separate the “I” from the “T” and think of technology as distinct from the information to utilize data effectively. Ultimately, cybersecurity and data protection are required topics that are covered by the senior leadership and represented by competent and cogent expertise. 

Gartner noted that since 2020, the drastic uptick in cybersecurity events has caused 88% of boards of directors to acknowledge that cybersecurity is a business risk and not just an IT problem, up from 58% just five years earlier.

“CIOs must rebalance accountability for cybersecurity so that it is shared with business and enterprise leaders,” says Paul Proctor, distinguished VP analyst at Gartner.

Paul Proctor

“They are thought of as the ultimate decision maker and authority for protecting the enterprise’s security, but really, business leaders make decisions every day that impact the organization’s security. They should share accountability.”

Paul Proctor

How to prioritise cybersecurity in 2023

“It is vital for CIOs to help their executive colleagues understand that the technical risks can be translated into business risks," suggested Ivancic. He further opined that the onus is on the CIO to help demystify cyber controls and help all stakeholders understand that baking security into a project is now just (to steal a term popular during Covid) “the new normal”.

Reynolds suggests that CIOs start driving the implementation of zero-trust architecture (ZTA). Given organisational reliance on cloud services and an increasingly distributed workforce, ZTA is critical to mitigating the frequency and severity of attacks.

Darrin Reynolds

“It is like how athletes do not expect to engage in a competition where the opponent never scores a point. Business leaders should not tolerate the delusional belief in cybersecurity and business protection where they will never be a target of cyberattacks."

Darrin Reynolds

For his part, Boey believes that CIOs must place identity security at the core of their overall cybersecurity strategy.

In 2023, staying ahead of the security curve will require businesses to steer away from manual processes and instead leverage AI and ML-based identity solutions. With AI and ML, enterprises can get intelligence and insights into access privileges, abnormal entitlements, and potential risks so they can easily control access throughout a user’s lifecycle, mitigate threats and empower their workforce.

Related:  Creating business value with AI
Tags: Cybersecurity AwarenesscybsecurityEdgioGartnerSailPointSynopsys
Allan Tan

Allan Tan

Allan is Group Editor-in-Chief for CXOCIETY writing for FutureIoT, FutureCIO and FutureCFO. He supports content marketing engagements for CXOCIETY clients, as well as moderates senior-level discussions and speaks at events. Previous Roles He served as Group Editor-in-Chief for Questex Asia concurrent to the Regional Content and Strategy Director role. He was the Director of Technology Practice at Hill+Knowlton in Hong Kong and Director of Client Services at EBA Communications. He also served as Marketing Director for Asia at Hitachi Data Systems and served as Country Sales Manager for HDS’ Philippines. Other sales roles include Encore Computer and First International Computer. He was a Senior Industry Analyst at Dataquest (Gartner Group) covering IT Professional Services for Asia-Pacific. He moved to Hong Kong as a Network Specialist and later MIS Manager at Imagineering/Tech Pacific. He holds a Bachelor of Science in Electronics and Communications Engineering degree and is a certified PICK programmer.

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe