Is the sector ready for a cybersecurity overhaul?

‘Speed at which we have become hyper-connected has outpaced society’s ability to protect’

|

The global pandemic has changed our working lives over the last three months.

Working from home has become the norm across many parts of the world and companies have had to adapt swiftly to these changes.

It’s likely that the pandemic has accelerated the move toward more flexible working for many businesses, and while this presents many opportunities, it is not without its challenges.

Privacy and cybersecurity are areas that will likely garner greater focus from companies and their clients in the coming months and years, particularly in light of the General Data Protection Regulation (GDPR) rules which came into play two years ago, writes Rahul Bhushan, co-founder of thematic ETF provider Rize ETF.

Digital trails

In today’s hyper-connected world, our movements online are constantly being tracked. Trackers hide in every corner of the internet.

It is said that the average web page shares data with at least a dozen different third-parties.

The same goes for the average mobile phone, and which also holds a number of apps that are constantly collecting information, some of it sensitive such as location data and call records, even when the apps are not in use.

Not only that, in the physical world, shopping malls now use automatic license-plate readers to track cars that enter and exit their parking lots.

Businesses, concert halls and political campaigns now use Bluetooth and WiFi to perform passive monitoring of people in surrounding areas.

And more and more retail stores are now using facial recognition software to identify customers, protect against theft and deliver “better” and more targeted advertising.

Freedom vs protection

As a megatrend, cybersecurity is one that will have a colossal, long-lasting impact on the way consumers interact with digital tools.

The sector presents an exceptional growth opportunity for companies that are positioning themselves to benefit from this digital acceleration.

“Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety,” Benjamin Franklin said.

The adage goes that freedom is possible neither without privacy nor without protection.

But in today’s society, these two values seem to conflict. They beg important questions.

For example: to what extent can rules designed to safeguard individual privacy present an obstacle to ensuring adequate safety and security?

Or, what is the limit beyond which measures to ensure public safety begin to encroach on our civil liberties?

How much information is too much?

Like it or not, in this world, we are all endpoints in a series of data science clouds; with Amazon monitoring what we buy, Uber locating where we live and work, and Google and Facebook knowing our preferences, wants and opinions, often in real-time.

With millions of data points being fed straight into their – and other companies’ – data science machinery, these, and other, companies have figured out a way to monetise our personalities – which have themselves become decomposed into millions of data points across the digital ecosystem.

With so much data hoarded, organised, structured, analysed and stored, these companies, and by extension, governments, are now sitting on what most people would call ‘Too Much Information’ or TMI.

Regulatory structures like GDPR have appeared to give power back to the people. Under GDPR, for example, individuals have the right to ask organisations to erase their data, failure of which results in these organisations being faced with big fines.

A recent Cisco survey showed that 84% of respondents considered their privacy and personal data important, and wanted more control over how they use it.

Around 48% of these privacy-conscious consumers had already switched to new brands and/or service providers at least once because of their perceived better privacy practices and governance structures.

The cyber trinity

The importance placed on privacy goes hand-in-hand with three important developments.

First, the arrival of consumer-focused privacy regulation.

The enactment of sweeping regulation, specifically the GDPR and its equivalents around the world – such as the California Consumer Protection Act or the CCPA – has brought to light the need for good governance structures around our most sensitive data.

GDPR or similar regulatory structures are now going global. Few today take a company’s non-compliance with the rules lightly, and sanctions imposed for non-compliance have already reached values as high as $150m (£119m, €132m). It is becoming increasingly apparent now that, whatever the value a brand holds, a security breach can quickly erode that value if consumer information has been exposed.

Second, the fear  of consolidated power.

Today, we can all picture what it would be like to live in surveillance state, especially after revelations made by people such as Edward Snowden, or Julian Assange.

What we have learnt is that the “Big Brother” paradigm, in 2020, is entirely online. While we can all agree that a certain and healthy degree of state power is necessary to ensure public safety and ensure society remains civil and orderly, we can also probably agree that any government’s effort designed to protect us should not extend to the insides of our homes.

Or, that any effort by companies to offer us things they perceive we value – eg same-day delivery, on-demand video streaming, instant gratification on social media – should not help consolidate data, especially if data is the new gold, into the hands of a few.

Third, there is no end in sight for cyber-attacks.

Cybersecurity disasters are still the order of the day. Equifax, Sony, TalkTalk, Facebook, British Airways, and more recently, easyJet, there appears to be no end in sight.

IBM estimates that the average cost of a security breach equates to almost $4m. Cyber-attacks are unlikely to stop, and  according to the University of Maryland, today one occurs every 39 seconds.

With every new case that comes to light, people will grow increasingly sceptical and distrustful of big companies, especially ‘Big Tech’ companies, as well as governments.

Investment trend

Now, while all of this may seem daunting, the truth is that the speed at which we have become hyper-connected has outpaced society’s ability to provide adequate shelter and protection from the perils of the web.

And today we are paying the price for that. As the world tries to grabble with a resolution to the global pandemic, we have actually seen an increase in spending directed toward cybersecurity.

Organisations are already seeing good returns on their investments in this regard, with more than 40% believing that they have benefited at least twice as much as their privacy spending, according to Cisco.

As an industry that knows, only too well, the importance of safe-guarding sensitive data, cybersecurity should not only become a vital part of a business’s budget, it also has a role to play as part of an investment portfolio.

This article was written for International Adviser by Rahul Bhushan, co-founder of thematic ETF provider Rize ETF.

MORE ARTICLES ON