Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It’s also known as information technology security or electronic information security.

The global cyber threat continues to evolve at a rapid pace, with a rising number of data breaches each year. A report on cyber threats is shocking as more than 7 billion records have been exposed by data breaches. We also need to be aware of web3 which is growing rapidly.

Tech builders and businesses must take a proactive approach to security when evaluating Web3’s potential. Blockchains and cryptocurrencies have been the subjects of growing security concerns, from traditional issues of social engineering, insider exploits and faulty implementations to an emerging class of Web3-native exploits across decentralized applications, exchanges and wallets.

According to  McKinsey Digital Report, Cyber Security is important because it protects all categories of data from theft and damage. This includes sensitive data, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data, and governmental and industry information systems. 

All industries face the threat of cyber attacks. According to a prior McKinsey survey, 75 percent of experts, across many industries, consider cyber risk to be a top concern. Today, due to digitization and automation, the threat is universal. Added to this, the recent COVID-19 pandemic has intensified the danger of cyberattacks, across all industries.

Cyber security leaders assess their organization’s current vulnerability through a quantitative risk analysis including patch management practices; and build metrics and a dashboard to report regularly on the identified vulnerabilities and patch releases to the Chief Information Security Officer (CISO).

Several major vulnerabilities stand out:

  1. First, a broad shift toward work-from-home arrangements has amplified long-standing cyber security challenges and opened multiple vectors for cyber attacks.
  2. Second, social-engineering ploys to gain information, money, or access to protected systems are on the rise, such as attackers posing as help-desk teams, health workers, or investors in virus-related response activities. 
  3. Finally, cyber attackers are using websites with weak security to deliver malware, in some instances using domains and websites created to spread information and resources to combat COVID-19.

We  believe that cybersecurity initiatives should be prioritized based on business-risk scenarios. Cyber Security is important because it protects all categories of data from theft and damage. This includes sensitive data, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data, and governmental and industry information systems.

The response to COVID-19 has increased cyber risk

Physical distancing means many workers are staying home and making greater use of videoconferencing services, collaboration platforms, and other digital tools to do business. In their free time, they are also going online more frequently to shop, read, chat, play, and stream. All these behaviors put immense stress on cyber security controls and operations. Shifting to work-from-home arrangements can open multiple vectors for cyber attacks. From changes in-app access rights to use of personal devices and tools as well as lack of social control.

How leaders can manage cyber risk

Given the gravity, complexity, and growing number of risks that businesses face, executives need ways to set priorities and sequence their cyber security and digitization investments.

Technology – Work-from-home arrangements. Make sure required controls are in place—for example, accelerate patching for critical systems, scale-up multi-factor authentication, and install controls for facility-based applications that have been migrated to remote access.

People – To help employees understand the risks, businesses need to communicate effectively and creatively. Increase awareness of social engineering ploys and identify and monitor high-risk users such as those working with confidential data.

Processes – Work-from-home arrangements promote resilience by supporting secure remote-working tools, testing and adjusting IR and BC/DR capabilities, and securing physical documents. Also, take steps to expand monitoring and clarify incident-response protocols.

Consumer-facing network traffic – Integrate and standardize security activities, by, for example, integrating fraud prevention capabilities with the SOC, and offering guidelines to help consumers solve some problems themselves, particularly during periods of peak use. 

Recently, #CBSegroup a North America affiliate of #DotConnectAfricagroup participated in the RSA annual cyber security conference, a four-day event! It is the world’s leading information security conference and exposition held at The Moscone Center in San Francisco.  We were able to hear from  RSA experts, customers, and partners, and to also discuss current and future concerns, and have access to the experts, unbiased content, and ideas that help enable individuals and companies to advance their cybersecurity posture and build stronger and smarter teams.  Clink here

DCA CEO and Founder Sophia Bekele who is who is a Cyber Security specialist made the following remarks, _“Always happy to be part of the SWAT team that plays a role in catching the bad guys or helping the good guys that is the role of cyber security and always be proud and privileged to be part of this amazing industry of professionals.  It has come a long way into such a huge and relevant industry. Amazing technology I saw this week and I managed to meet my long-time friends also along with others. Thanks, RSAC for the invite and fantastic Expo”._

Our WebForum Conversation will focus on: “Finding a long-term solution to curb Cybercrimes in the digital sphere”.#EndCybercrime

The topics to be discussed will be

1. Data sovereignty in the cloud
2. The concept of ethical hacking
3. Metaverse VS. Web 3.0
4. Data protection and Cybersecurity policy
5. Challanges of Cyber secutity in the digital sphere

Sources: McKinsey Digital, TechTarget, Kaspersky, Metacomplianceblog, UNICEF, NUSPIRE, CBSegroup PR