We noticed you're blocking ads.

Keep supporting great journalism by turning off your ad blocker.

Questions about why you are seeing this? Contact us

Font Size

- Aa +

Mon 25 May 2020 05:12 PM

Font Size

- Aa +

Data security is in the hands of the C-suite

Neil McElhinney, head of Critical Information Systems and Cyber Security at Thales Middle East, believes on the importance of securing data and minimising cyber threats in global business

Data security is in the hands of the C-suite

Attackers can “eavesdrop” on unencrypted data travelling over a network, says McElhinney 

The drastic changes we’re experiencing in our personal and professional lives would have been im-possible to imagine just a year ago. Today, our new reality demands these questions are asked and answered by C-suite executives who must be certain about data security in these extraordinary times.

Almost overnight, The Covid-19 crisis has created a need for employees to work remotely. As a result, companies around the globe are doing everything they can to maintain a “business as usual” pace so there is minimal disruption, even if it means relaxing security processes and quickly adopting new tools that may create new risks.

However, fact of the matter remains that having a presence on the internet opens us up to risk such as hackers, disruptors and insider threats, and companies of all sizes, from the largest public enterprise to the smallest private firm, are all susceptible to cyberattacks.

Before the Covid-19 crisis, IT professionals generally operated in two worlds: on-premise and in the cloud. The staff they support were typically also physically onsite – ostensibly more secure.

But in the short span of a few weeks, IT departments are suddenly responsible for protecting more sensitive data emanating from living rooms and kitchens over unknown routers, various wi-fi connec-tions and personal computers, making security even more difficult to ensure.

Those two IT worlds are now but one: cloud. And because most business is now being done in the cloud, protecting data there is the top concern.

Fortunately, we’re seeing evidence that more C-suite decision-makers are getting even more ac-tively involved, and as the variety and severity of risks evolve, here are three critical questions that must be asked in the boardroom right now:

1. Are we protecting our data with end-to-end encryption and effective key management?
According to the 2020 Thales Data Threat Report-Global Edition, half of all corporate data is now stored in cloud environments, and 48 percent of that data is considered sensitive. As a result, en-cryption is critical for protecting data in motion and at rest.

Attackers can “eavesdrop” on unen-crypted data travelling over a network, not only impacting privacy but also opening the potential to modify or substitute data to stage more sophisticated attacks.

To truly protect data, especially in today’s multi-cloud environment, all data must be encrypted and control over encryption keys must be well organised and strong.

2. Do we have control over who is accessing our data?
Authentication and access management is extremely important as more people work from home and use cloud applications that make them a target for cyberattacks.

The report shows that cloud applications are listed in the top three reasons an organisation might be attacked, just behind un-protected infrastructure such as IoT devices and web portals.

We also know that the majority of IT leaders (95 percent) believe ineffective cloud access management is still a concern for their organi-sation.

Without effective access management tools in place, organisations face a higher risk of breaches and incur extra costs from poorly optimised cloud.

3. Can we meet all compliance requirements and maintain best practices during a rapidly evolving crisis?
Amidst existing cyberthreats and new security issues brought on by increased remote working, an increasingly complex regulatory environment brings its own risks to businesses.

As the report showed, 47 percent of organisations experienced a breach or failed a compliance audit in the past year, making the case for encryption and access controls stronger than ever – especially because non-compliance can immediately impact a business.

Partnering with a data security vendor can help businesses with scalability, flexibility, and the efficiency needed to address expanding encryption and compliance requirements, while reducing cost and complexity.

The ability to work from anywhere is more important than ever
In today’s rapidly evolving business environment, constant access to information and services is essential for communication and getting business done whether you’re in sales, finance, marketing or the legal profession.

This is especially true when we face global incidents like the pandemic, which has undoubtedly forced us to rethink how we work. It’s important to ensure employees can not only collaborate, and that they can access corporate applications and information remotely in the same, secure way as if they were in the office.

Thorough planning by the C-Suite can help or-ganisations to minimise the potential impact of cyber threats, protect sensitive data, and allow business continuity.

Arabian Business: why we're going behind a paywall