Ephrem Tesfai, Sales Engineering Manager META at Genetec, explains why cybersecurity and data privacy aren’t just ‘nice-to-have’ IT initiatives anymore – they are business imperatives for organizations to keep up with evolving compliance needs and cyber-attacks.
Cloud-based software solutions are often more powerful, convenient, and affordable than locally hosted alternatives, but many people wonder if they are really secure.
Most organizations have adopted some form of cloud technology and GCC public cloud market is expected to grow at an annual growth rate of 25% and will hit $2.35 billion in 2024 compared to $956 million in 2020, according to research firm IDC. Despite this, many organizations haven’t yet put in place all the policies and procedures they need to protect sensitive data from cyber threats.
Cybersecurity and data privacy aren’t just ‘nice-to-have’ IT initiatives anymore – they are business imperatives for organizations to keep up with evolving compliance needs and cyber-attacks.
Modern cloud systems include many layers of security designed not only to protect against malicious actors but also human error. Data breaches are not only caused by black hat hackers cracking encrypted code, but possibly by something as simple as an intern or employee sharing login credentials with the wrong people.
That’s why it’s essential to look for cybersecurity features in cloud software that include sophisticated data encryption, tight access controls, two-factor authentication, and multiple levels of system logging, monitoring, and reporting to identify unusual activity and mitigate potential threats proactively.
What is cyber resilience?
The UAE is facing a “cyber pandemic” as hackers take advantage of Covid-related digital adoption, following the country’s 250% increase in cyberattacks this year. The GCC is making a huge effort toward economic diversification, with cities becoming smarter and infrastructure increasingly connected. New laws are also emerging that aim to impose strict obligations on businesses concerning how, why, and when personal data can be collected, used, and stored. And the steady expansion in cybersecurity capacity is linked closely to overall economic development.
A robust cybersecurity approach doesn’t only focus on protecting vulnerable systems from data breaches and malware. It includes developing systems and processes to ensure cyber resilience.
Resilient systems are designed to limit the impact of cyber threats and unauthorized system access and reduce the time it takes to recover from an accidental or malicious security breach.
Are cloud-based solutions right for organisations?
Cloud-based solutions offer many benefits over on-premises systems, especially for businesses that do not have the IT staff or expertise to maintain and update software regularly. If organisations have internal IT resources, they may also want to explore a hybrid deployment model, which combines cloud-based and on-premises solutions.
It’s better to choose a provider who will assign a cloud security expert to help set up a cyber-resilient system. The provider may also offer advice to support in developing cyber hygiene protocols to reduce the likelihood of a breach caused by human error.
Also, it’s important to ask software providers about how they ensure that data is protected and what measures they have in place to control access to private information.
Simple but effective tactics such as ensuring important data are backed up in a separate cloud environment, or limiting staff access to only the applications, systems, and network infrastructure they really need, are key, but often overlooked ways to mitigate risk.
Additionally, it is important to ask about their approach to supply chain risk management; we recommend purchasing only security hardware and software produced by trustworthy manufacturers who follow cybersecurity best practices.
A security system is only as secure as its weakest point (or the least trustworthy device connected to it).
How to ensure safety in an organization’s system
Being concerned about cybersecurity is natural when so much sensitive data is stored online. We believe cybersecurity is a responsibility shared by every employee, contractor, and partner.
We have long advocated for more robust data protection and privacy controls in our industry. We ensure our systems are cyber resilient through a combination of security controls, redundant data storage, and stringent employee training.
Thanks to these robust layers of security and system redundancy, we can ensure the maximum level of safety in an organization’s system.