Cyber security for firms: From a checkbox to a core function
by Urvee Baweja, BMS’23
While the internet has facilitated economic growth to previously unfathomable levels, it has also been accompanied by huge security breach dangers. Firms have begun to take precautions as the risks of data theft and breaches aggravate in an increasingly digitised environment, not just to protect themselves from future cyber security attacks, but also to prepare themselves in case they are confronted with a similar situation, allocating major chunks of their budget towards the same. Businesses are being compelled to reassess their strategies in light of these changing conditions.
Those with foresight are proactively installing cybersecurity safeguards in India, without compulsion from government regulations such as the Information Technology Act 2000 (IT Act) and various rules made thereunder, which focus on information security and describe reasonable security practises to be followed by corporations and have compelled companies to take preventive and curative measures. Despite the fact that cybersecurity measures add to the IT budget, businesses have begun to see such spending as a preventive and opportunity cost. According to a PwC survey from 2021, 55% of businesses are boosting their cybersecurity spending, and 50% expect to include cybersecurity into every company decision.
Some of the prominent companies investing heavily in cyber security include Apple, Lockheed
Martin, Intel and General Motors, Xerox, etc. For instance, world famous companies like HCL Technologies, Canon, Schneider Electric and Xerox have partnered with McAfee. Google has a team of over 250 information and network security professionals that controls the internal defence systems, produces secure development and security review processes, and designs customised security infrastructure.
The vast majority of cyber-attacks rely on employee manipulation and deception, implying that the bulk of cyber-attacks can be prevented. As a result, Microsoft implemented cybersecurity training for its staff in 2019.
The cybersecurity industry’s growth potential is increasing in lockstep with the threat of cybercrime. This year, U.S. News and World Report ranked information security analysis as the 15th greatest vocation out of 100. In fact, over the next five years, application development security and cloud security, which include proactively building safe systems from the start (preventive strategy) rather than reacting to attacks (curative strategy), are expected to rise by 164 percent and 115 percent, respectively.
According to the 2019-20 Cybersecurity Ventures study, there will be 3.5 million security job openings globally in 2021. This shows a 0% unemployment rate in the industry, which, while ideal, poses a number of concerns for businesses, including salary inflation, retention issues, and hiring sub-par applicants. This necessitates improved recruitment tactics and the inclusion of cyber security courses in higher education curricula in order to expand the number of job seekers in the business and ensure that supply meets demand for such individuals.
Thus, while businesses throughout the world are beginning to realize that cyber-security is no longer a “box” to check, but more of a critical component of their operations, there is still a long way to go in the fight against cybercrime.