With the increase in cybercrimes involving the theft of personal information, organizations need to do everything they can to help customers keep their confidential information secure. A recently-released report shows that investment in messaging security is set to increase and how cybersecurity priorities for the next 12 months are changing.
Cybersecurity investment priorities are changing
Based on a survey of 250 global security professionals, the report by McKinsey highlights the changing priorities for Chief Information-Security Officers (CISOs) in the wake of COVID-19.
The results show that investment projections vary between sectors, with spend projections showing an obvious correlation to how badly revenues in that sector were impacted by the coronavirus. For example, large enterprises in healthcare, banking and financial services plan to significantly increase their spending on cybersecurity, while similar-sized organizations in hard-hit sectors such as global energy and travel/leisure anticipate a decrease in spend [see Figure 1].
Figure 1
Small to medium-sized businesses follow a similar profile, but with fewer sectors predicting increased investment, and more anticipating a decline in cybersecurity spend.
Advice from our digital communication expert on messaging security
COVID-19 Has not only affected the level of investment in cybersecurity, but it has also reprioritized the areas in which organizations intend to channel money, time and effort. The report shows network security and identity/access management getting increased investment, while no change is expected in spend on governance, risk and compliance management.
However, according to the graph shown in Figure 2, messaging security is in the top 3 areas of investment, with large enterprises reporting that they intend to significantly increase spend in that area.
Figure 2
Messaging security is vital
With the sudden move to working remotely and staying at home, digital messaging between individuals has become a vital part of everyday life. Personal and business communication for groups has shot into the spotlight, evidenced by the frequent occurrence of meetings by Zoom, MS Teams and Google Meet. In addition to this, organizations that previously communicated with customers in-branch or via printed mail, had to move all communication onto digital channels very quickly. With increased digital activity, comes increased security challenges. It goes without saying that an organization processing personal information must have appropriate safeguards in place to protect sensitive data. But, many have not considered that these safeguards must extend beyond the reach of the organization, to the individual’s device.
Do your customers know how to protect their own data?
When an organization sends a confidential document to customers, the organization’s duty of care doesn’t end there. Organizations should do everything they can to keep personal information safe all the way through the information lifecycle. This includes helping the customer to keep information safe on their personal devices. There are two simple ways to achieve this, the first being to educate digital newcomers about risky online and mobile behavior. The second is to encrypt personal information all the way through. Encryption is a process that encodes the document so that it can only be read by the intended recipient. This ensures that the document is secure while in transit and when stored on the customer’s device.
Stergios Saltas
Operations Director, Africa