31 May Information security is the priority of business decision makers
Information security and its cybernetic component are not only a technical challenge, but also a business challenge that has financial, legal and reputational implications. Shareholders and managers of Romanian companies need to be aware of the risks of cyber attacks that can affect the health of their businesses and the importance of a company-level security strategy.
Mentality change – a solution for Romanian companies
“The IT department, which is often responsible for providing information security within the company, can no longer be regarded as a business support department, must become an integral part of business decisions. Computer security of the company means more than simple set-up of technical systems; means the right decisions, the estimation of the risks and their impact on the company’s reputation, protected clients and, most importantly, the growth and continuity of the business. In this context, cyber security can no longer be seen as a function adjacent to business processes and necessary to some extent. Information security – including cyber-security – must be seen as an integral part of business,” said Cosmin Marcu, Solutions Architect, Crescendo, Cisco’s Cisco Technology Specialist.
CRESCENDO, the IT & C solutions house, delivers applications, infrastructure solutions and personalized integration services to help businesses get the most out of business information. CRESCENDO is one of Cisco’s leading Cisco certified communications and security solutions providers since 2007 and has now reached the highest level of certification: Gold Partner. And through this partnership, part of its extensive portfolio of solutions, expertise and security expertise, CRESCENDO offers services that meet the specific needs of companies.
Information security, defense strategy or business growth?
Digitalization, innovation, unlimited interconnection. That’s how the future sounds, but also the saving recipe in fighting competition from any industry, any country and companies of any size. As more and more devices are connected in the company, and more and more processes are digitized, IT security becomes more than just a mandatory criterion to operate in a competitive industry, even more if it is regulated.
Cyber security is becoming a development factor, as well as one that ensures managers make informed business decisions on the basis of unmanaged or stolen data as part of a computer attack, whose existence is sometimes not even seen at the company level. It is also important that IT security be the basis of selecting business decisions from multiple scenarios or alternatives, along with other decisional criteria.
Top managers in all industries highlight the fact that innovation is hampered and even impeded in some cases by cyber security concerns. According to Cisco’s recently released Cisco’s “Computer Security, A Growth Factor,” 39% of executives said innovative projects had been halted due to the risks of cyber attacks.
Moreover, in the context of business process digitization, managers make decisions based on the information provided by business solutions and applications (CRM, sales automation, SFA, resource planning – ERP or CRM solutions). content management (ECM) and it is as clear as possible that these systems remain permanent and active. Blocking these systems as a result of an IT attack will cause huge damage, from loss of sales for a period of time strictly related to the severity of the attack, to damage to the reputation and credibility of the company, loss of market share and customers.
Many of the Romanian companies have inadequate procedures regarding cyber security. Gradually, computer attacks begin to be recognized as risks to the sustainable development of companies, and more and more industries are setting up regulations to ensure IT security before, during and after any potential attack. Not accidentally, in many companies and public organization in the United States and the European Union, the Chief Security Officer (CSO), often different from Chief Information Officer (CIO), is increasingly present in executive management.
Mobility era challenges
In the age of mobility, permanent connectivity proves its benefits to businesses in all areas. And yet, more and more accessible connectivity increases the vulnerability of companies. The evolution of mobile technologies increases the need for security management and business risk monitoring. Another Cisco study that tracks trends in cloud services reveals that the number of employees who use unauthorized applications at the company level during work hours or to transmit business information from one place to another is higher by 15- 20% than IT executives estimate.
Solutions to fight computer attacks – from the technical department to the organizational culture
“Security incidents can be avoided by simple measures, from frequent password changes to implementing different levels of access rights to company information. Investments in advanced IT security solutions are also relatively easy solutions, but not enough for mistakes or internal attacks; the human factor is the crucial element of any strategy to ensure IT security at a company level,” said Cosmin Marcu. A study conducted this year by Ernst & Young highlights the fact that cyber attacks generated by malicious employees who steal, manipulate or destroy data represent the highest growth risks.
A set of well-defined security policies, employee education and employee awareness programs on the importance of protecting the company from cyber attacks and strategies to manage IT attacks (before, during and after the attack); all of these are also essential elements for ensuring IT security.
“From the beginning, Crescendo has assumed the mission to inform companies in Romania of the possible losses they can suffer through superficial information security. In over 23 years of activity, integrating Cisco technology and other world-renowned partners, Crescendo’s security and information security specialists have held seminars on business security and have advised companies in various fields to implement such policies and systems, through complex projects,” says Cosmin Marcu.
Article published in Ziarul Financiar