Cybersecurity has been in the headlines lately especially with the Equifax breach that occurred earlier this year. Most people do not think that their personal data is at risk but this breach should be a reminder that the world depends on critical systems, networks and data repositories, which might not be as secure as people think. Cybersecurity procedures need to be improved and constantly updated.
Companies need to be serious about cybersecurity. This means fixing problems and enacting procedures to curb the security breaches. Fixing these problems come down to a few manageable things. One way to fix is to properly staff cybersecurity operations. Often, companies outsource their technology in order to save money. This saves money in the short term but in the long term, it can lose money because there is a lack of institutional knowledge about how the company functions. Key cybersecurity functions should be worked on in-house and worked on by in-house staff. Cybersecurity involves both technical skills and a good amount of creative thinking. Workers need to understand the context of cybersecurity to be most effective over the long term.
The right people can offer guidance to combat these breaches. However, people can become complacent when it comes to cyber security due to the cyber insurance market. Companies can purchase insurance policies to cover the cost of breaches of customer data. However, this does not solve the underlying security problem. It only transfers the financial risk from one company to another.
Cybersecurity issues should not be another risk that people accept to use the internet. The technology industry needs to design new products and administering system with effective security guidelines and practices. Cybersecurity professionals need to drive innovative thinking and action that can fix our cybersecurity issues and not just sell more products. Most people and companies do not follow basic cybersecurity practices. Some companies benefit more from selling products to affected customers than spending money to keep data safe. It is even worse with Equifax because consumers did not ask for their data to be collected and are now faced with the consequences and the costs.
Government regulators need to step up to the plate by increasing requirements for data security and other protections. They need to protect the consumer from these corporate harms. Companies that hold sensitive information should be willing to spend money and staff time on ensuring their cybersecurity is the utmost.
Many of these breaches are preventable but everyone needs to be realistic when it comes to cybersecurity. Mistakes must be admitted and we need to change our thinking on cybersecurity. Once this occurs, companies can take on the task of devoting time, money and personnel to making meaningful cybersecurity improvements.