By Subramanyam Reddy
Consider this, Americans annually lose up to US$ 15 billion due to identity theft. And, on average, it takes close to 200 days to identify a security breach. If you consider individuals and micro enterprises, the gap between security breach and its identification could be a lot more. According to a Financial Express report, during the first wave of Covid-19, India overtook all Asian countries with the scale of digital payment, processing transactions worth US$ 25.5 billion in 2020. In fact, 2020 alone saw a 130 percent jump in the number of phishing sites across the world. Such sites, among other modus operandi of cyber criminals, impact not just private individuals, but businesses, and even governments!
With the ongoing FIFA World Cup, there’s been a marked increase in phishing scams in the Middle East. There are 1.2 million visitors expected to visit Qatar for the mega event. In the backdrop of such a time, these factoids and statistics point to a glaring lacuna in cyber security practices followed by enterprises and individuals alike. It’s not that simply becoming aware of such numbers would lead to a reduction in cybercrime. However, knowledge in this case, is the key to change. And businesses need to embrace this change to protect not just their own financial interests, but also those of their investors, customers, and associates. Enterprises of any scale can take the first steps towards IT security by understanding the kind of threat they face, and how it evolves alongside the advancements in technology, and following it up with implementing a comprehensive IT security strategy that uses a combination of proactive threat identification and quick defense measures to neutralise the threats.
Among the proactive measures that enterprises can take, deploying ethical hackers has stood as the proven strategy helping businesses identify loopholes in their IT systems, and coming up with ways to secure them, before they are noticed by hackers and other cyber criminals, putting millions at risk. An ethical hacker uses the same skills that a hacker does, the biggest difference is which side they work on, and the purpose of their work – to uncover the routes for attack and to identify security weaknesses in the system.
The biggest problem institutions face when choosing this proactive measure to defend themselves against cybercrime, is the lack of skilled professionals in the domain. In countries with fast developing economic infrastructure, such a gap contributes to setting the industry back by several years, if left unaddressed. In India, experienced ethical hackers earn up to INR 50 lakhs per annum helping enterprises find and plug security gaps in their system. The challenge for enterprise lies in creating a workforce of capable, skilled, and qualified cyber warriors that can protect and promote institutional interests and security.
Thankfully for Industry 4.0, the solution lies well within their reach, in digital skilling programs. Global leaders in IT security have carefully developed curricula that equip a workforce with skill-based learning programs and in the process, help bridge the talent gap the industry is faced with. When enterprises invest in training their workforce in IT security, they are placed in a position to reap the rewards of increased profit margins, greater trust from stakeholders and customers, and the space to focus on the things crucial for the business goals. And while it is considered a secondary benefit of skilling the workforce, increased employee satisfaction and retention goes a long way in improving the brand equity for an organisation, irrespective of the industry it operates in.
Investing in digital skilling of their workforce to build teams of ethical hackers and promote IT security within the organisation is the way forward for enterprises.