The intersection of mobility and security represents a defining challenge for the current generation of ICT leaders. There’s absolutely no question that cyber security has been a prominent global issue in 2014, particularly around personal data. As we continue to see a rapid shift towards mobility, there are huge implications for businesses and individuals who increasingly rely on smartphones to conduct their business.
These powerful computers in our pockets might give us instant access to sales orders, forecasts and budgets, but unless those transactions are protected we may also be sharing that information with a competitor or worst-case, a cyber criminal.
Recent research commissioned by Connect Smart, the New Zealand government’s cyber security awareness unit, revealed that 83 per cent of New Zealanders experienced a cyber breach, but most had not changed their behaviour online.
In addition, 35 per cent of New Zealanders do not use passwords on their smartphones, and nearly half those surveyed admitted to not using passwords on work phones.
Even more concerning, the average length of time it takes for a business to realise it has been hacked is over 200 days (Internet Security Threat Report 2014, Symantec). With our IP and technology so closely linked in today’s digital world, it’s critical to take the steps to protect your valuable business data, no matter how large or small your organisation is.
From a business perspective, we need to better understand how we can do business safely and securely, while ensuring minimum impact on employee productivity. We also need to educate and encourage home users and individuals generally, to be secure online, recognising that those “home users” are our workers with access to our documents from their home environments. We need to adjust to this new operating environment and protect the information that sets us apart from our competitors or which gives us an edge.
Innovation in data security is happening on many levels. As a baseline, improvements to password security and authentication will always be hugely important, however there’s a crucial shift required from protecting devices to protecting data. With more and more data living in the cloud and the increase in BYOD, this is absolutely critical.
We’re all operating in a digital environment, and through our use of technology we leave an online footprint that many organisations now look to monetise (in fact a number of organisational business models now focus on monetising our digital footprint rather than engaging with us directly). The majority of us are continuously online which means we have to find a compromise where we are aware of risk and how our data is being used, but are still able to operate freely and safely in our daily life, and in the case of business, continue to improve our productivity.
Co-operation between organisations and the public sector is increasingly key to New Zealand’s success in the ICT sector. When we leverage our respective assets and people, share resources and information, we can achieve cost savings and operational efficiencies. The result from this can be game changing.
That said, it’s becoming clear that we need to re-think where the threats reside. Often the threat can be inside an organisation, rather than external – for example an employee who inadvertently opens the most innocuous of emails from an unknown source can easily damage or leak valuable data. We need to be aware of how secure our data is at all touch-points and have easily adopted but robust systems and behaviours that don’t get in the way of success or even enjoyment of the job.
The assumption that all employees have the same aptitude and technology sophistication is naive. The last few years has seen the development of better toolsets to both protect people from themselves and organisations from the consequences of poor training or even malicious intent.
Knowledge is key. The approach the Connect Smart team has around education, rather than fuelling fear and doubt is absolutely the right one for the way forward. People who are better informed and aware of their responsibility to protect the business and to also safeguard their personal information will grow New Zealand’s reputation as a technology savvy nation. Further, this approach is a key enabler of the incubation of successful New Zealand businesses and will help differentiate them into the future.
To find out more about how your business can protect itself and your employees from cyber security risk, check out Connect Smart’s SME Toolkit.
By David Eaton, Chief Technology Officer, HP New Zealand