Core cybersecurity principles for new companies and products
The rapid increase in cyberattacks and pressures escalating from changes prompted by COVID-19 have shifted consumer behavior. The findings of a report by the World Economic Forum outline core cybersecurity principles and point to how companies and investors must significantly reduce cyber risk to remain competitive.
“There is a serious imbalance between the “time to market” pressures and the “time to security” requirements for shiny new products and gadgets,” said Algirde Pipikaite, Cybersecurity Lead, World Economic Forum.
“With the rapid increase of cyberattacks, companies need to prove to consumers the security of their data. As the market shifts due to the rapid technology adoption in all spheres of our lives, we expect to see more investment in companies prioritizing security and their longer-term success.”
The cyber essentials
The cyber essentials include explicit core principles and requirements for new companies and products. They represent the most important requirements that, if implemented, will provide a robust cybersecurity framework encompassing organizational, product and infrastructure security.
“We see two types of early-stage companies: the ones that treat cybersecurity as a checkbox compliance issue, and the ones that understand that it is fundamental to maintain the trust of clients”, said Craig Froelich, CISO at Bank of America.
“If an emerging company fully commits to cybersecurity, then its commitment will be rewarded by market confidence and consumer trust.”
The cyber essentials need to be tailored to an organization’s size, nature and type of product. The report details each, followed by practical steps for their implementation and guidance for investors on how to validate them.
“As digitalization spreads across the global economy and within businesses, we typically focus on incidents of significant impact, on larger organizations covered by the media, or businesses where regulators require certain levels of disclosure,” said Martina Cheung, President of S&P Global Market Intelligence.
“We should not forget, however, that entrepreneurs are typically small and medium-sized enterprises (SME) and that SMEs represent about 90% of businesses and more than 50% of employment worldwide. Cyber-related incidents could have a dramatic impact on their survival. An overwhelming majority of executives continue to be largely dissatisfied with the effectiveness of their cybersecurity spending, often all too myopically focused on the newest technologies,” said Benjamin Haddad, Director, Accenture Ventures and a contributor to the report.
”A strategic trade-off needs careful consideration to benefit fully from the combined power of cyber innovation, while minimizing the threat and enabling the people to perform effectively.”
With the economy and society growing ever more dependent on technology and particularly so in the COVID-19 pandemic, the security and privacy of our digital tools are more important than ever.