Cybersecurity: Why effective data security necessary in today’s competitive world – Firstpost

Representational image. News 18
Businesses thrive when they leverage data successfully, as data manifests as the new fuel for their growth engine. Conversely, with cyber-attacks or when their valuable data is either leaked or locked for ransom, most businesses either lose competitive edge, incur significant losses, or even shut down.
Unsurprisingly, as per The Global Risks Report 2022, The World Economic Forum identifies cyber risks as one of the top risks to modern businesses. The cost incurred to businesses due to data breaches has also been identified to be at record high in 2022.
Poor security measures often result in cyber risks, such as data breaches and ransomware attacks, which invariably contribute to losses. Vulnerabilities in applications, misconfigurations in cloud infrastructure, legacy, or unpatched servers, and lack of appropriate processes in handling data and trained personnel are some of the prominent reasons behind most cyber-attacks.
Data security not a speed breaker, rather an accelerator
Some consider data security as a speed breaker, which slows down the speed of their businesses’ growth. This is a misconception; on the contrary, adopting the right practices can make data security the “accelerator,” which can help businesses stay ahead in the race. And here are the steps that businesses can undertake to ensure that data security does prove to be an accelerator of their growth:
The first step towards securing the data is to identify the complete data life cycle within the organization.
This involves identifying:
The second step is to classify the data and map how the data flows within the organization.
This involves:
For example, Personal Identifiable Information (PII), Personal Health Information (PHI), trade secrets, intellectual property, such as designs, documents, and source code, should be appropriately labelled as high sensitivity levels. Other data, such as internal communications, websites, and press releases could be medium or low accordingly.
The three aspects of data security — Confidentiality, Integrity, and Availability (popularly known as CIA triad) — need to be considered, while modelling threats to data. Ensuring data confidentiality means only authorized users, applications, and devices should have access to view the data. Ensuring data integrity means only authorized users, applications, and devices should have access to modify the data. Ensuring data availability means that the IT infrastructure should be up and running in order to use the data for conducting business.
Data can be in both structured or unstructured formats, but there are three predominant states of data in any organization i.e. data-at-rest, data-in-transit, and data-in-use. Appropriate measures to safeguard data in all these states are needed to prevent cyber-attacks.
Data-at-rest: Critical data is often present in laptops, mobile devices, servers, cloud, and special storage devices. Below are some of the appropriate measures to secure the data that is stored:
Data-in-transit: Data often moves around both internal and external to the Organization in order to carry out business processes. Appropriate measures to secure the data during such transit are:
Data-in-Use: Business processes need to use the data to process and leverage its value. Access to data could be needed both by personnel and different applications.
Along with the above measures, it is also important to secure the IT infrastructure managing the data, with generic measures, such as:
Adopting good data governance and securing the data also helps businesses stay compliant to various standards, such as ISO 27001:2013, PCI-DSS, and NIST-CSF, and even regulations, such as GDPR, HIPAA, and SOX, among others. Accordingly, businesses should not allow misconceptions around data security to deter them from unlocking their full potential — but rather, should secure data effectively and ace the race in this data-driven world.
The author is an Assistant Professor, BITS Pilani WILP. Views are personal. 
Read all the Latest News, Trending NewsCricket News, Bollywood News,
India News and Entertainment News here. Follow us on Facebook, Twitter and Instagram.

Updated Date:
The digital personal data protection bill frames out the rights and duties of the citizens on one hand and the data fiduciary's obligations to use collective data lawfully on the other, why do we need such a bill or an act? Tune in to find out
The parliament's website went down shortly after EU lawmakers voted overwhelmingly to recognise Russia as a "state sponsor of terrorism" over its attacks on Ukraine
News of the AIIMS-Delhi server being down for over a week now has raised suspicion that a ransomware attack is being carried out
Sign up for a weekly curated briefing of the most important strategic affairs stories from across the world.
Network18 sites
Copyright © 2022. Firstpost – All Rights Reserved.



Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top

Adblock Detected

Please consider supporting us by disabling your ad blocker

Refresh Page