Back when companies first started to talk about cybersecurity, they spoke in terms of potential dangers that essentially affected the integrity of their business鈥檚 IT systems. These days, however, corporate cybersecurity is the focus of another key concept: risk management.
The fact is that cybersecurity is no longer a key matter just for technology companies; it鈥檚 now something that is in a prominent place in every large company鈥檚 strategic plan, since a cyberattack can mean not only the loss or contamination of certain data, but worse still, it can endanger the reputation and the very survival of the affected company.
This is what Gartner has shown once more this year. The consulting firm has made public some of the keys from its report The 2018 CIO Agenda: Mastering the New Job of the CIO, that, although it can already be accessed by its clients, will be officially presented on August 20 and 21 in Sidney, and will provide a good account of the trends in security and risk management in 2018.
Directors are more and more concerned
Corporate cybersecurity is no longer just a headache for heads of cybersecurity departments: it鈥檚 also a major concern for the company directors themselves. This was made quite clear with the cyberattacks on Equifax, or with the arrival of WannaCry: these weren鈥檛 simply security breaches. These incidents ended up having a determining effect on the reputation of the companies that were affected, and also contributed to a decline in trust from clients, investors, and providers.
And the future prospects speak for themselves: although companies are worried about maintaining their cybersecurity, the figures show that cyberattacks aren鈥檛 going to go away. Quite the opposite: they鈥檙e going to be an ever more present threat in the day-to-day of large companies.
This has led to an increase in corporate awareness of the matter, and directors of these large companies are more and more concerned about the integrity of their IT systems, since the short and medium term continuity of their companies, and even the future of their existence, could be called into question.
Stricter legislation
The Facebook and Cambridge Analytica scandal has brought to the fore something that is getting harder and harder to refute: not only must action be taken against companies that make fraudulent use of user data, but the measures that are taken must be stricter, and the sanctions larger. What’s more, as well as implementing harsher economic fines, these measures also need聽 to regulate the protective actions that companies take.
In this vein, 2018 has been defined by the definitive implementation of the GDPR, which defines the steps that companies must take in order to ensure the protection of personal data. It also significantly increases the financial risks that companies will face if this personal data is compromised in any way: the fines can be up to 20 million Euros, or 4% of the company鈥檚 global annual turnover, whichever sum is higher.
Machine learning to boost security
Unfortunately, cybersecurity risks become obsolete every so often. If a company thinks that it is prepared to face up to the latest cyberattack methods that have been observed in the market, it can鈥檛 afford to be complacent: these techniques grow day by day, and their action protocol can change. This means that we鈥檙e facing a constantly shifting risk management scenario.
In this context, large companies not only need to be alert to new cyber risks that they could be taking on, but they are also obligated to have technologies that can learn automatically and face several threats simultaneously.
This is where machine learning comes into play. This kind of technology is more agile and adaptive, and is capable of learning in real time, detecting new security breaches, evaluating new attack methods and combining all of this knowledge to adapt and improve its cybersecurity processes in the least time possible.
The trend of machine learning is growing so fast that, according to Gartner, in 2025, this technology will be totally implemented within corporate cybersecurity solutions in the majority of companies. Companies of all sizes, therefore, must opt for comprehensive cybersecurity solutions that, like Panda Adaptive Defense (that classifies 99.98% of processes using machine learning), are capable of getting ahead of possible risks, acting preventively, and improving both detection and risk solution processes.