FEATURE : BUSINESS CONTINUITY
cybersecurity continues to be a pressing concern for CIOs and IT teams . “ Current cybersecurity challenges require CIOs to focus on designing and implementing practical strategies that ensure organisations can prepare , respond and adapt to operational setbacks , ranging from short-term interruptions to long lasting disruptions ,” he said .
Sebastiaan Rothman , Cloud Solutions Architect , Altron Karabina , said cybersecurity is emerging as critical
WHILE FORMULATING BUSINESS CONTINUITY FRAMEWORK AND POLICIES , IT IS IMPORTANT THAT CIOS FOCUS ON DATA PROTECTION , AS WELL AS DISASTER RECOVERY STRATEGIES .
to Business Continuity and growth in 2021 because dispersed workforces and heightened IT threats call for deliberate actions to ensure security is robust .
“ As business leaders review and consolidate many of the dramatic operational and workforce changes that were implemented in response to the health crisis , cybersecurity is coming to the fore as a major risk to Business Continuity ,” Rothman said . “ Existing threats to companies in the form of data breaches , social engineering and phishing attacks , for instance , have now been amplified with employees working from home and IT teams having significantly less oversight over user behaviour . On a global scale , the cyberthreat to Business Continuity and economic stability is so large that ‘ cybersecurity failure ’ is listed among the top five risks in the World Economic Forum ’ s Global Risks Report 2021 .”
According to Heriot-Watt ’ s Gill , maintaining workforce efficiency and seamless customer communication are other key challenges that CIOs are currently faced with . He said for companies operating in a highly competitive business environment , CIOs need to ensure that their employees , customers and business partners are able to access the information , products and services whenever they are needed . “ This should continue as a top priority for CIOs in 2021 and beyond ,” Gill said .
Rothman added that for South African businesses , a dual pressure is also looming in the form of the Protection of Personal Information Act ( POPIA ) which came into effect in July 2020 – and carries with it major financial and reputational risks for businesses that don ’ t comply . “ Yet while this risk landscape can appear both daunting and overwhelming for businesses already under operational pressure , there are immediate , cost effective and accessible steps to take in order to become both more secure and to ensure data security compliance ,” he noted . “ Arguably , however , it must begin with an understanding that cybersecurity and information assurance are not technology problems : these are business challenges that are usually solved by implementing robust business processes ( in addition to strategic technology solutions ).
Compliance and security
Emad Fahmy , Systems Engineering Manager , Middle East , NETSCOUT , said it is now clear that moving forward , remote and hybrid work are becoming a more common alternative in the corporate world regionally . Fahmy said while the magnitude of this shift is still to be determined , the needs of remote and home-based users present a strategic challenge to IT organisations . “ These employees maintain high expectations regarding the performance of business applications hosted in data centres and cloud or from SaaS providers ,” he said . “ The unprecedented switch to remote work and learning creates a massive strain on network , security and application infrastructures . Even the smallest DDoS attack could affect remote user access to corporate resources . Employees must now rely on VPNs to access vital business applications such as finance , HR , and engineering , making VPN endpoints a critical business lifeline .
He pointed out that DDoS represents a significant threat to Business Continuity . “ DDoS attacks can target the mission critical business applications that your organisation relies on to manage daily operations , such as email , salesforce automation , CRM and many others ,” he said . “ Thus , in addition to managing employee and customer experience and ensuring the availability of important services and applications , CIOs and IT teams have the additional obstacle of defending their enterprise against cyberattacks as well .”
Rothman explained that leaders need to understand that becoming compliant does not make an organisation secure . “ Just because you have a control in place doesn ’ t automatically make it effective . And sadly , in many instances , the lack of maintenance or skilled management of these controls render them almost useless from the outset ,” he said .
42 INTELLIGENTCIO MIDDLE EAST www . intelligentcio . com