The data must flow (Part 1)

(with apologies to Frank Herbert…)

It may be hard to imagine now, but it wasn’t that long ago that discerning business leaders were able to have thoughtful discussions on the synthesis of technology and business strategy while scarcely ever uttering words about cybersecurity. 

How times have changed. 

Today, cybersecurity concerns touch most every aspect of business operations as companies and governments have deployed substantial digital assets and vulnerabilities abound. In fact, the threat economy now rivals the GDP of advanced countries. By one estimate alone, the World Economic Forum calculates the cost of cybercrime at $10.5 trillion USD in 2023. And it’s rising.

Business leaders are adapting strategies to meet the changing times. For example, the influential Director’s Handbook on Cyber-Risk Oversight, recently released by the National Association of Corporate Directors (NACD), sets its first principle as “Directors need to understand and approach cybersecurity as a strategic, enterprise risk, not just an IT risk.” 

Investments in cyber are also changing: 65% of organizations plan to increase cybersecurity spending in 2023. Gartner projects that spending on information security and risk management products and services will grow 11.3% to reach more than $188.3 billion this year alone.

An Occult View of the Cyber-Enabled Economy

But there’s a deeper level to uncover: the lifeblood of our deeply connected global system is data. At this concealed level, global business is deeply challenged by the complexities of cross-border information flows, cybercrime, data privacy, new frameworks, and increasing or changing cybersecurity regulations

Business leadership today needs to pay particular attention to data and flows. Consider that a recent McKinsey report notes the fastest-growing global flows are now data, services, intellectual property, and international students. Estimates vary on how much data is flowing at any given second (an “intangible”) but there’s no denying its centrality.

It is also clear that ensuring the free flow of data across borders is a paramount concern to business and government. After all, industry derives exceptional value from its use, allowing for rapid innovation such as what we are now seeing with advancements in AI. It also affords the tantalizing possibility of solving some of the world’s most pressing crises. 

But how is data best protected?

Along with technological changes and risks to business operations, it’s critical to understand that it’s the regulatory environment that allows data to flow and businesses to operate at global scale. Regulations also provide an opportunity for businesses and governments to help protect data, whether intellectual property or PII, from cyber-enabled threats. 

Indeed, compliance with data regulations can actually help businesses grow and fight the scourge of cybercrime.

Your organization needs to think deeply about the role of data, privacy, protection, and flows. Consider the following acts and regulations and their implications for your organization:

Lastly, governments have developed free resources for you to identify and manage privacy and data risks. For example, NIST offers a voluntary Privacy Framework tool. And the EU offers a GDPR checklist tool for data controllers.

In our second blog entry on the centrality of data and the challenges of keeping it secure and flowing, my colleague Dr. Rois Ni Thuama and I have the pleasure of talking with one of the world’s foremost experts on the topic, Linda Priebe of Culhane Meadows, PLLC.

PUBLISHED BY

Sean Costigan

9 May. 2023

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
News

Introducing DNS Guardian: Stop impersonation and spam caused by domain takeovers 

Rahul Powar

tl;dr: We’re thrilled to announce DNS Guardian — a new feature in Red Sift OnDMARC that can swiftly identify and stop domain takeovers that lead to malicious mail. Back in February, we shared updates with the community about SubdoMailing – an attack discovered by Guardio Labs. The attack was a form of subdomain takeover,…

Read more
News

Meet Red Sift Radar: The Skilled Up LLM That Finds and Fixes…

Rahul Powar

After months of beta testing and feedback, we are excited to announce that Red Sift Radar, our skilled up LLM offering seamless integration with Red Sift OnDMARC, is now commercially available.  With Red Sift Radar, security teams can detect exposures, prevent configuration drift, and classify assets or suspicious activity without adding additional headcount. By…

Read more
News

G2 Fall 2024 Report: Red Sift OnDMARC Wins Big

Francesca Rünger-Field

We’re delighted to share that Red Sift OnDMARC’s winning streak continues. This Fall, we’ve once again been named a Leader in G2’s DMARC category, achieving recognition in both the overall Leader category and Europe for the first time. This recognition is based on our high Customer Satisfaction scores and strong market presence. Red Sift…

Read more
Cybersecurity

Resilience Rising | Episode 3 with Kevin White

Red Sift

In this episode of Resilience Rising, Sean Costigan, Managing Director of Resilience Strategy at Red Sift, and Kevin White, Senior Operation Consultant with Enhanced Information Solutions, explore the critical intersection of wastewater management and cybersecurity.  The two highlight the health and operational impacts of cyber threats on water utilities, emphasizing the vulnerabilities due to…

Read more
Certificates

Your guide to PCI DSS 4.0 Cryptographic Requirements

Rebecca Warren

The Payment Card Industry Data Security Standard (PCI DSS) is a globally recognized framework designed to protect cardholder data during processing, storage, and transmission by merchants and service providers. PCI DSS outlines a set of stringent security controls that organizations handling payment card information must implement to mitigate the risk of data breaches and…

Read more