Ruwandi Perera emphasises the need to safeguard business information

This is the month of Independence Day celebrations with patriotism running high across the island. We may even congratulate ourselves for living in an independent state free of war and hopefully safe from crime.

But being proactive regarding national safety in the face of digital crimes has been the need of the hour for the past couple of years. National safety may sound like a distant proposition – a political duty of government – but the onus of cyber-safety (whether national, corporate or individual) rests with cyber-users.

It’s disturbing when one’s Facebook account is hacked but the implications of corporate security breaches are more devastating in volume and effect. Even organisations such as the CIA are vulnerable to cyber-threats – for example, an 18-year-old British teen hacked the personal email and phone accounts of top US intelligence officials in 2018.

The safety of businesses seems almost mythical while responsibility for their protection is steadily increasing. This is due to the volume, power and influence of businesses, which make them determinants of economic growth and national development in almost any country.

Combined with the interdependence, complexity and connectivity of today’s markets, there’s an undeniable need to protect businesses against cybercrimes for the greater good of the world.

For most businesses in our country, data and cyber-protection, firewalls and other relevant security measures are mere boxes to tick in preparation for audits – a mindset that is changing, as it should have two years ago. Today, business leaders understand what it means to be cyber-safe – yet, many may underplay the effects of security breaches.

Being prepared is key – especially as businesses are present and active on multiple online and social media platforms spanning customer contact, supplier networking and production. Many businesses opt for cloud storage over local servers, making them easy bait for cyber-terrorists.

Cyber-theft can involve anything and everything – employee records, customer databases, supplier agreements, product recipes, infrastructure blueprints or the type of food served in office cafeterias! All this information can and will be used against businesses and stakeholders including government… so no one is safe.

It starts with the simplest of things – passwords. Small and seemingly innocent culprits of cybercrime vulnerability, weak passwords pose the biggest threat to global business. With experts predicting the number of passwords to rise to 300 billion by 2020, the need for employees to master the science of password protection is vital.

Advanced cybersecurity measures (firewalls, encrypted connections, ransomware shields and data leak protection) have become primary initiatives. Sterling spam filters that are strong enough to detect and prevent phishing emails are essential as a majority of viruses are spread through this medium. Antivirus software is a must-have, and care must be taken by corporates as well as employees to ensure that these are updated regularly.

Backing up data regularly is another simple but effective step to proactively ensure that data, systems and processes are safe in the wake of security breaches.

Cyber-insurance is trending, as is cyber-risk assessment for businesses to be in the know about cybercrime susceptibilities and address them. Along with strategic business plans and goals, corporates must draw up business continuity schemes in the event of cyber-attacks – or better still, realign organisational missions and objectives with cybersecurity, which must be added to the overall cost-benefit analysis.

Indeed, cybersecurity is no longer a task; it’s a business sustainability strategy.

All this must not be in the job description of the IT division alone: cybersecurity is everyone’s problem and therefore, it should be a joint responsibility – i.e. from marketing interns to company CEOs. Training teams to be cyber-secure is a ‘must-do task’ for all managers.

While preventive measures would have worked two decades ago, it is essential that businesses expect and are geared for cybercrime these days. Worldwide spending on cybersecurity is forecast to exceed US$ 133 billion in 2022, according to Gartner.

The larger the business, the more likely it is to be attacked. Yet, this doesn’t guarantee immunity for small enterprises or sole traders. Businesses with an online presence – even in reference to social media – are in danger of attack by cybercriminals.

Be prepared; be safe.