How to stay secure in a digitised world

How digitisation and security have progressed

The constant progress of digitisation has a significant impact on the security of information processed in the digital world. Digitisation not only means technological development but is associated with various types of threats affecting public and commercial entities. It opens gates for hackers who effectively use the weak points of IT infrastructure systems for nefarious purposes, causing sustained commercial and reputational damage to organisations. In 2020, 64% of organisations experienced at least one cybersecurity incident. How can you effectively counter these emerging threats? What counter measures can be taken?

The importance of cybersecurity skills

An important issue impacting cybersecurity is the shortage of specialist security experts. More specifically, the industry is lacking the types of qualifications and investment required in IT infrastructure security. According to the report "Cybersecurity Barometer", 58% of the surveyed companies admitted that the pandemic increased the risk of cyberattacks. However, only 23% of them have increased their budgets to ensure security in this area.{{Footnote.A65961}}

These factors have a significant impact on the threat of cybersecurity failures and the resulting risks to organisations. Despite continued reports of data breaches and cyber threats in the news, IT security seems to not be high enough on the agenda for almost 60% of businesses. It’s therefore unsurprising that IT security experts are underutilised by the majority of companies. There are often situations where IT teams do not have the expertise to implement appropriate security strategies. Lack of expert supervision and the use of necessary tools to prevent attacks opens the door to vulnerabilities in wider IT systems. It is apparent that employees are not being given appropriate training in cybersecurity best practices and therefore that their awareness of threats in cyberspace is negligible.

Key roles in data protection

Another area of IT infrastructure that is often forgotten is supervision by data protection officers in the areas of personal data processing. The tasks of the data protection officer have been incorporated into the regulations of the European Parliament and the EU Council. It is an important role to play in ensuring security in IT systems, as data protection officers are responsible for the risk assessment of data processing operations. They must also consider their nature, scope, and purpose.

Reporting violations

Many entities do not report any breaches related to hacking attacks, data leakage, data loss or theft. The lack of reports is due to the fear of being held liable under regulations such as GDPR (General Data Protection Regulation). The reporting entities are also afraid of receiving high financial penalties and claims for damages and being responsible for the loss of the company's reputation.

Lack of investment in the right IT tools

Given today’s heightened risks, IT security should be considered a priority given the unprecedented amounts of data that are being processed and stored. However, the present level of investment in the tools that prevent data loss is insufficient. Despite technological advances in data protection, many organisations have not adapted to what is available and are not equipped with the latest solutions.

An all-too-common example is equipping employees with unencrypted USB drives to store and transfer sensitive data, which is a risk strategy usually determined by cost-saving measures. In the event of data loss or theft, access to this data is not secured in any way. This loss may not only lead to a breach of the company’s data, but it could also affect their reputation and lead to high financial penalties and lawsuits.