Cyber security in short is about protecting computer systems that are composed of hardware, software and data, against malicious actions. In the modern era, there seems to be nothing more important in the enterprises’ demand than cyber security. But why is cyber security so important? At the end of the day it comes down to safety and money. For example, think about safety and the damage it might cause to a company’s reputation if people’s lives are at risk due to improperly handled security. On the other hand, think about data protection regulations and related financial sanctions – not to mention stock prices. When you consider business continuity and reputation, then you must admit that cyber security matters big time.
Never-ending battle against the bad guys
Unfortunately, cyber security is a moving target. The bad guys are always one step ahead and there is no such thing like perfect security. The fact is that cyber security is only good enough in a particular context in a particular point of time. Moreover, it really doesn’t help that we live in a world of ever increasing number of internet connected devices.
Security is a sort of a layered thing starting from data all the way to applications, infrastructure and networking to form a whole. Security should be built into the computer systems from the start. It is always harder, more expensive and time consuming to try to fix something afterwards. How should we then try to approach this subject? Well, security should be baked into your processes so that it is not forgotten. It should be part of every day work and culture and not something left to be handled separately.
Further on, you need to balance between risks and mitigation. You want to minimise the risk of attack or breach, but do not want to cause usability or other problems because of too high security. The correct level of security needs to be defined based on various factors, like data confidentiality, intellectual properties, GDPR legislation and user experience.
It’s not just the technology, it’s also about the people
On the other hand security is also about people’s awareness. For example, you might receive an email with malicious links, but training employees to react properly to this mitigates the risks. Nowadays there are also software that help us to prevent this kind of social hacking, but this is always reactive. We need to see the bad guys’ next moves first, so we can adapt. Remember that this is a kind of constant fight between the light side and the dark side 🙂
So to answer shortly: Yes, whatever you do, you should definitely care about cyber security! Contact us to discuss more about your company’s cyber security.