The World Economic Forum (WEF) estimates USD 5.2 trillion in global value will be at risk from cyber-attacks by 2023. Organizations are therefore investing in cybersecurity measures more than ever before. The annual investments in cybersecurity will reach USD 186 billion by 2024, according to Gartner.
While cybersecurity was already an increasing concern for organizations, the COVID-19 pandemic and its catalytic effect on digital transformation led to an unprecedented spike in cyberattacks. According to the WEF COVID-19 Risks Outlook report, 50.1% of organizations fear cyberattacks and data fraud will become a burden post-COVID-19.
In a way, the pandemic, and our response to it have underpinned the importance of security protocols in enabling the workforce of the next normal. It is evident from the statistics brought forth by the WEF COVID-19 Risk Outlook report that, when it comes to cybersecurity, “good enough” is no longer enough. To ensure an enhanced level of security, businesses need to develop a cybersecurity infrastructure that can keep up with the increasing complexities of a distributed workforce.
If we were to look back at the pre-COVID-19 era, the accelerating pace of Industry 4.0 had already widened the digital threat landscape for many enterprises. As enabling technologies such as IoT became more prevalent, cybersecurity needed to evolve and give rise to a “security of things” (SoT) thinking. With the pandemic, security of things became a key enterprise priority as the shift to remote working became inevitable. The potential risks posed by widespread remote access and distributed networks further added to security concerns. This required the adoption of new technology to secure the increasingly complex systems of connected devices and networks.
Moreover, the adoption of new technology and the subsequent enterprise-wide transformation have further laid bare the vulnerabilities of digital systems. Not to mention, the complications of a complimentary regulatory landscape. In fact, every aspect of the digital enterprise has a cybersecurity implication. For instance, the widespread adoption of data analytics necessitates the identification of risks to data security. From customer experience to APIs and automation, the use cases for the need for robust security are endless. Keeping these developments in mind, businesses need to re-evaluate their stance on cybersecurity.
With businesses taking another look at their processes and reimagining their architecture, the time is ripe for the scope of enterprise cybersecurity to evolve and grow beyond their current role as a stop-gap solution. As we step into a post-COVID-19 environment, cybersecurity strategies will need to undergo modifications to address new threats.
But to understand the cybersecurity strategies of tomorrow, we will need to look at the various pressure points in enterprise security that have emerged in the wake of the COVID-19 pandemic. In my experiences, these pressure points are:
- Connectivity and continuity of business (Remote ops and collaboration services)
During the initial months of the COVID-19 outbreak, companies had to adopt a remote-ops model almost overnight. Remote work has, since then, increased in relevance and will continue to influence the cybersecurity outlook in the immediate future. Moreover, collaborations services will also see a marked increase with a complementary growth in cybersecurity investments.
- Technology adoption and transformation (Zero-trust and multiplatform adoption)
The rise in connectivity will subsequently usher in the widespread adoption of advanced technology, accompanied by the need to secure identity and zero-trust data security protocols. With the growing popularity of multiplatform environments across various devices, the data security requirements are also expected to evolve.
- Risk and compliance (Data security and enforcement/controls)
In due course of the tech transformation initiatives, we will need to focus on improving enterprise-wide awareness of risk and compliance. I have already talked about zero-trust — which is just one part of the security framework — that is quickly becoming a paramount organizational priority and business continuity. Which is why organizations will need to have complete visibility of the regulations and controls that enforce these measures.
- Business operation modernization (Ability to operate remotely and digital transformation)
All these developments are pushing us towards a future of business operation modernization, powered by automation and remote access. At its best, this will involve a seamless experience irrespective of location or network. Here too, cloud adoption and digital transformation will play a key role.
Moving forward, I am hopeful that cybersecurity will take on a role that extends beyond its current position in BCP/DR enablement and help businesses excel in previously under-developed areas. As we tread carefully into the future, a seamless transformation will differentiate the leaders from the laggards of the journey. There is a lot of strategizing and thinking that is yet to be done, and a lot of investments on the horizon. But I believe, we are on the right track and the times only get more exciting from here.