As the threat of cyber attack continues globally, managers look to digital advancement for further protection

By George Ralph, RFA

Published: 27 June 2022

In January 2022, the World Economic Forum published their ‘Global Cybersecurity Outlook’ report. In this document, the organisation details how societies are increasingly reliant on technology to manage everything from business processes to public services. Governments and companies have been active participants in creating this future and as a consequence, have been shaping a new cyber landscape for the world. As such, a key focus in the Global Cybersecurity Outlook’ report is to build cyber resilience.

Building cyber resilience has never been more important. Last year, the World Economic Forum worked alongside over 120 global cyber leaders to accumulate and organise a collection of highly detailed insights on emerging cyber threats.

A key driver for the focus for worldwide cybersecurity systems are digital trends and their rapid acceleration in proliferation due to COVID-19. The pandemic disrupted the societal landscape worldwide, pushing the population to embrace a new frontier of interconnectedness and digitisation of the workplace. Offices embraced working from remote locations overnight because there was little other choice, and this event has driven the adoption of digitisation at a far more rapid pace. With the developments of more sophisticated tools for working remotely, distance learning and digital entertainment, the trend for digital advancement will only continue to accelerate and we are seeing advancements both in our personal and professional lives to illustrate that.

Whilst the digital transition meant the finance world could continue to do business with relative ease thanks to technology, there is another side to this story which is much more troubling and ominous. This new digitised landscape and existence has led to a more frequent materialisation of cyber incidents. This is always costly and damaging to those involved. However, it is not only the digitalisation of the workplace that proposes a greater threat. Supply chains that rely on technology partners and who use third parties are also becoming digitised which in turn creates new exposure to vulnerabilities to cybercrime.

The civilised world is living and working within a context of widespread dependency on digitally complex systems. In this climate, there are greater cyberthreats and their growth is advancing beyond the speed in which society can manage and prevent them efficiently and effectively. The World Economic Forum reported at the end of last year that throughout the course of a week, following a discovery of a critical security flaw in Log4j, a widely used software library, there were over 100 attempts every minute to exploit the vulnerability that was exposed. That is over 1,008,000 attempts for just one exposure alone. This example illustrates the severity of risk that companies are facing and the crucial and essential reasoning for adequate monitoring and management software for all of our businesses.

With the looming threat of cyberattack, investing in digital advancement via cybersecurity is a priority for businesses within the financial sector. Human behaviour and work interactions are increasingly defined and shaped by ubiquitous technologies. By consequence, companies and businesses must seek to continue to adapt their competence and capacity to handle and minimise the risk of malicious cyber criminals who are exploiting the ever changing technological landscape. It is for this reason that cybersecurity should be a priority for all. By investing in cybersecurity, the world will truly be unleashing the potential of the digital economy.

In order to progress in this new frontier of work and living, firms should consider investing in a managed detection and response platform as part of their overarching IT strategy. Businesses within the financial services sector should seek access to an outsourced partner who can support cybersecurity via a SOC (Security Operation Centre). This is a centralised function that offers around the clock monitoring of the work of employees, services and technology, whilst also seeking to improve the overall security posture of the business through the continuous prevention, detection, analysis and response to cybersecurity threats and incidents. Whilst technology and digital advancement has in some parts created the problem with regards to cyber safety, it is also a key part of the solution. Moving forward to the next iteration of technology and digital transformation, it is critical for businesses to have a 24/7/365 view of their overall business operations and data and this should derive from continuous machine learning that contextualises threat intelligence from markets and global geopolitical events.

In addition to implementing managed detection and response strategies, companies must gain assistance and advice from external experts. In their ‘Global Cybersecurity Outlook 2022’ report, the World Economic Forum shared that 84% of businesses now believe that cyber resilience is a business priority for their company and this should be achieved through support and direction within their leadership. However, contrasting this figure, 68% of businesses believe that cyber resilience plays a critical role in risk management for their company. This misalignment between understanding of how cybersecurity should be carried out within a business illustrates the need for companies to seek external expertise to ensure their business is secure. A gap between leadership teams can leave businesses exposed to even greater risk.

In conclusion, it is clear that society will continue along its path to migrate and adapt into an increasingly digitised world. Along this road, the threat of cybercrime will also be at the foreground of business decision making moving forward. Preparing for and mitigating risks and attacks will be costly to organisations, not just on a financial scale, but also in terms of infrastructure, mental wellbeing and societal cohesion. As the world looks ahead to the rest of 2022 and beyond, it is essential that businesses globally see cybersecurity as a strategic business issue that drives and influences decision-making. It is no longer a question of ‘how’ firms are protected in terms of cybersecurity, but rather ‘how well’ they are protected, with a key focus on sophistication, effectiveness and fortitude.