In this multipolar world, information technology has become the backbone of any business. It allows them to sight changes in the global markets far faster than they normally do. Lack of doing so not only leads to financial and reputational damages, it can bring entire businesses to an eventual demise. While Information Security becomes an indispensable part of organizational sustainability, the significance of Cyber Security also comes into the picture. It’s the new boardroom discussion. Since we are living in the most technologically sophisticated threat environment ever, companies are paying attention towards the cyber security domain. Most of the businesses have a Chief Information Security Officer (CISO) who is responsible to implement the necessary defense mechanism to protect the organization from external and internal data thefts. This leads to rise in the demand of cyber security professionals which are in shortage as of now.
Today, cyber threats are bigger in frequency and severity. What used to work in the past is not efficient enough to protect our present and future. Every business needs a tailored, comprehensive and outstanding cyber security approach. One solution cannot be effective – multiple tools and technologies need to be implemented like Firewall, Antivirus, etc. It is interesting to see that in a global CEO outlook survey in 2016 conducted by KPMG International, to determine the top five risks the CEO’s felt their companies faced, Cyber Security Risks grabbed the number one position. The term ‘VUCA World’ was coined by the U.S. Military to outline the intense and crude situations of warfare in Afghanistan and Iraq. We, humans, were always confronted with difficult situations right from the primitive age to today’s 21st century – it has always been challenging. Likewise, VUCA presents the harsh reality of today’s cyber environment to which businesses are exposed. An acronym for Volatile, Uncertain, Complex and Ambiguous, VUCA comes as an effective approach to gear up against the unexpected. Let’s understand how VUCA describes the challenges we face in cyber security landscape:
Change is the new constant. The systems that were safe yesterday are not guaranteed to be safe tomorrow. The ever-changing threat landscape and the rapid turnover in the attack surface we manage is a proof that we cannot take anything for granted. Every day Internet users fall victim to phishing scams, and lose their credentials to online predators. The unpredictable and fluctuating nature of cyber landscape is a challenge for both domestic and international businesses. Yes, it’s a volatile world.
As they say, “There is nothing certain, but the uncertain.” Certainty is an illusion. The future is less predictable. No business can determine the exact nature and state of systems deployed on their infrastructure. This becomes harder with increasing mobile workforce and evolving tools and technologies. On the other side of the fence, there’s even more uncertainty. Businesses have no idea about the online predators – who these bluff masters are, what tools they use and what insights they have.
Technology is complex. The tools, services, and applications that we deploy are too intricate. There are multiple interconnected components that it is difficult to connect cause and effect. Businesses configure policies but then striking a balance between ‘security’ and ‘work-done’ results in undermined policies. Attaining skills to effectively manage the complexities that come with cyber security is a big challenge in itself. The popular business strategist, Tony Robbins has hit it right – “Complexity is the enemy of execution.”
At last but not the least comes Ambiguity. Remember the saying- “What happens in vagueness stays in vagueness.” Might not be, could be, but then, not sure. This grey zone in which a situation is unclear could leave organizations in despair. Usually, this vagueness makes it difficult to draw meaningful conclusions. Businesses deploy lots of tools at gateways, endpoints and everywhere in between, but there’s no guarantee that they will find the real threat amidst the never ending generated data.
Conclusion – Detect, Prevent and Recover
The internet is transforming our lifestyles. It is connecting everyone to everything. No issue today has created more concern within this dynamically changing landscape than cyber security. Businesses shall thoroughly consider their risk portfolios to identify risks and vulnerabilities that can intimidate the growth of a business. As businesses will continue to expose to a multitude of risk variables, emerging from different geographies, and greater uncertainties, it becomes important to evaluate risks dynamically. Not only preparedness but the ability to proactively respond to a cyber-attack is equally important. Modern trends like growing dependence on the cloud, more personal information on the internet, usage of personal devices on corporate networks, are some of the major reasons behind data breaches. Research by the New York Stock Exchange shows that 66 percent of directors are less than confident about their companies being properly secured against cyber-attacks. More shockingly, a research by Dimension Data reveals that 68 percent of companies have no plan to respond to a cyber security breach. Businesses need to proactively embrace the VUCA tapestry in their cyber risk management systems. A proper comprehension of the VUCA concept can help a business to proactively address cyber security in order to tackle with extreme crisis situations, gain true competitive advantage and ultimately triumph in this asymmetric cyberspace.