Cyber security – The Holy Grail for Business Existence and Continuity

It was first talked about as a strong business opportunity. Gartner had predicted that worldwide spending on information security would reach $71.1 billion in 2014. Very quickly, the opportunity turned stronger, but it was now founded on a serious threat. And even before 2015 turned the corner, major security forums declared 2016 as the year of cyber risk. The cyber security market is now set to soar to $170 billion in the next 5 years. It has grown to such epic proportions that it has also given birth to a parallel industry, cyber insurance.

Shocking data breaches involving millions of dollars in the last two years (the high-profile cyberattacks on 77 million user accounts at Sony Pictures and on 76 million records of JP Morgan Chase) have shown that information security is no longer a mere IT concern, but a serious business imperative that envelops business continuity, trust and brand reputation. The 2015 Cost of Data Breach Study from IBM and the Ponemon Institute computed the average cost of a data breach at $3.79 million.

Organizations are waking up to this emergency alert. Some have adopted risk-based cyber security frameworks, while others have deployed specific strategies for cloud-based services and the Internet of Things. Microsoft, IBM and Raytheon have declared their serious intent to tackle this as a business priority with their recent acquisitions of niche cyber security firms (Microsoft acquired the Israeli firm Adallom, IBM acquired Resilient Systems and Raytheon bought over Blackbird Technologies).

On the other hand, the cybercriminal knows his business well and is getting sophisticated and more skilful with each passing year. We just need to be smarter to prevent and defend more sophisticated cyber-attacks in days to come. As we move through 2016 and beyond, our cyber resilience needs to extend far beyond just information and access security. It needs to be business-centric and focused on proactive vigilance, rather than being reactive based on detection. We need to confront known and unknown, intended and unintended repercussions arising out of our cyberspace activities.

Data Sources:

Leave a Comment