Cybersecurity, 10 points of vigilance for 2019
When Jean-Marie Pivard, IFACI President, is asked to comment on the results of a study on cyber-security in 2019, he is not at all surprised, after the arrival of the GDPR in 2018,
“to find that IT security, compliance and data protection are at the forefront of organisations’ concerns.“
Can we say that cyber security is the main concern of companies in a world still subject to the upheavals of digital transformation? Artificial Intelligence, announced as the fourth industrial revolution, also seems to disrupt economic models and the dominance of web giants in all markets, a source of anxiety for all sectors of our economy.
Cybersecurity : we cannot remain inactive in the face of the threat
But it is indisputable that the dangers and costs of attacks on information systems or databases are proliferating and we cannot remain inactive in the face of the threat. For example, the use of viruses to infiltrate software increased by 200% in 2017! For more than half of companies, attacks on their computer systems came from their suppliers; which leaves one wondering about the quality of the commercial relations maintained.
The study thus identifies 10 challenges to consider to guard against before 2019:
- Governance and relations with third parties remain the first issue and the one on which vigilance must be significantly increased
- Data protection, because more than half of companies do not yet have total command of GDPR
- Problems related to the automation and entry into force of technologies using AI
- Respect for CSR charters and in particular the impact of energy consumption – the public is becoming more demanding in terms of social ethics
- The risk of corruption that follows the value curve of the data collected – the more these are valued, the more the corruption intensifies
- Discrimination and rising inequalities that concern all nations – here we think about cognitive biases in visual recognition systems or different treatment of personal information of certain populations
- Sanctions and protectionism that are real threats to international organisations; examining the mounting trade tensions between the US and China under the leadership of Donald Trump sends shivers through the financial markets
- Risk governance must become agile. The changes are much faster and more frequent than in the previous century. It is estimated that 5 years is the time to adopt a new technology in the world today, but the acceleration continues
- Lastly, identifying risks in real time is a matter of concern for the teams in charge of cyber security, as it has become difficult to be both mobilised on the situations to be managed and vigilant in anticipation for the next security vulnerabilities or threats to assess.
In conclusion, it is advisable to invite companies to review their internal organisation, too often dated, too often in silos, which slow down and sometimes literally prevent them from finding solutions adapted to the changes imposed by the technology. Implementing a real cyber security policy, reforming the governance of sensitive information requires flexibility and cross functional vision. All these are qualities that recent companies have in their DNA from conception and that others must consider as indispensable.
“Companies must now re-organise their governance to secure their entire IT systems by considering the infrastructure of all participants in their supply chain, internal as well as external. “Concludes Jean-Marie Pivard.
To read Also: