How to understand the security of information systems with the massive use of digital tools
We live in troubled times.
A period that, because of the upheavals caused by the health crisis that has shaken the world for almost 6 months, forces companies and other organizations around the world to adopt new ways of working. New ways that require the massive use of digital services and new technologies. And this was observed on the basis of telework which has become for 3 months now, the professional standard. Working remotely has become something that is becoming a pro habit. The problem, this shift to a typically digital professional world is not without risks.
This article will also interest you: Data theft and the direct impact on user protection
Security is beautiful and one of the problems to be solved. According to Kaspersky, the Russian cybersecurity firm, and its recent study, 17% of employees, or 1/3, received instructions from their employer on safety measures to be adopted when working remotely, on their personal devices.
According to Ivan Kwiatkowski, a computer security specialist at Kaspersky, the enterprise network is particularly vulnerable during this period, and the consequences can be severe because it only takes one computer attack for the company to lose countless data, which it will never be able to recover. It is for this reason that he stresses this: "It is time to put digital and the security of information systems in their place: at the heart of business strategy." But the fight is not won. According to a study by Wavestone, nearly a quarter of CAC 40 companies plan to reduce their cybersecurity budget over the coming year.
The issue of computer security concerns everyone and involves every direct or indirect player in digital life. Whether it's for our professional lives or just our personal habits, we use digital services and networks. These tools are more or less secure. But the danger is real. The problem is that the majority of individuals and even companies seem to be unaware of the risks they face on a daily basis. Whether it's data compromise, network attacks still critical infrastructure, the danger can cause maximum damage.
When asked about the issue, Tanguy de Coatpont, KASpersky's CEO France, said: "The year 2020 is difficult, we are facing a health crisis that makes us aware that there are absolute priorities: our health and those of our loved ones. Nevertheless, it also made us realize that for a number of companies, it was now possible to transfer a large part of the activity "remotely". More than ever, business continuity depends on the proper functioning of information systems and networks. In these times of crisis, we also find that compromising a critical infrastructure, through a computer attack, can undermine much more than the security of personal data, or financial data.
It can cause an intrinsic problem in a vital facility: a hospital, for example. In my opinion, it is completely unconscious that in 2020, after there have been cases of devastating cyberattacks such as Wannacry (whose victims are still suffering the damage, 3 years later), companies still consider it a secondary investment. No economic, social strategy will be viable if the company is not protected from computer threats. Beyond the need for anticipation of surface protection, but also within every entry point of the system, it is now necessary to be one step ahead of cyber criminals who are more advanced than ever. If cyber attackers have understood the strategic value of attacking the operation of a business, why do these same companies not start from the same principle by protecting themselves? Moreover, today, a real cyber capability, with tools to detect and respond to incidents is not just a critical need: it is a considerable strategic advantage.
While IT security managers are not yet integrated into the heart of the company's decision-making committee, they hold a critical responsibility: the protection of sensitive data, the protection of information systems and the ability to maintain an activity, even if an isolated element of the company's system is compromised. When I see that the largest companies in the CAC 40, while they are very exposed to risk as they are a strategic target for espionage, destabilization of an economy etc. are thinking about reducing their cybersecurity budgets, I think that the road to cyber immunity is still a long way off. ».
Now access an unlimited number of passwords: