By Suraj Tiwari, Head – Information Security, VFS Global
One lasting effect of the pandemic is a world that spends more time online than it ever did. Work, social engagements and our everyday interactions with the neighbourhood ecosystem – nearly every aspect of our lives has a virtual footprint today. While this transformation opened many opportunities for businesses, the accelerated adoption and use of digital technology also increased our exposure to cyber risks.
According to Cisco’s 2021 Cyber Security Threat Trends report, phishing attacks account for 90 per cent of data breaches, attacking the weakest link in the security ecosystem: users. Similarly, a report by Acronis revealed that one in two companies faced cyberattacks at least once a day amid the pandemic, with 16 per cent attacked each hour. Keeping in mind the pace at which cyber crimes increased during the pandemic, companies had to upgrade their services to go digital-first rapidly. However, in most cases, it has been an uphill journey for businesses to match the fast-changing environment and manage the growing external threats because of the sheer amount of data being shared daily by users across the globe. These new generation risks became an additional challenge for many enterprises to ensure business continuity.
Consumers today are more aware and are actively questioning the use of data being collected. This has also increased the need for organisations to demonstrate how they place transparency and trust at the core of what they do.
Sharing and storing personal, health, and financial data are among the immediate consequences of shifting our lives online and relying on technology for nearly every aspect of our existence. Cybercriminals often target the data by carrying out phishing scams, malware attacks, fraudulent schemes, and ransomware attacks. They also may use this information to exploit people in numerous ways. With internet activity being constantly tracked, attackers can record user patterns and preferences through their own surveillance mechanisms like screen scraping and online behaviour tracking.
It is not always negligence that causes such vulnerabilities, but often the lack of stringent security controls on popular platforms leading to a surge in cybercrime incidents. Even with the countless cautionary tales of data breaches and cyber-attacks, digital transformation is the future. And it will only continue to expand its reach in the years to come. It’s therefore imperative that we arm ourselves with the right knowledge to safeguard our data and privacy in a digital world. Businesses, big or small, can start their cybersecurity journey by putting the right data security policies to guide their stakeholders, regularly training employees on maintaining online safety, ensuring multi-factor authentication, encrypting sensitive information, setting up firewalls and adopting regulations applicable to their sector, such as HIPAA, PCI and GDPR. By incorporating these guidelines, companies can move from being ‘Data driven’ to being ‘Data conscious’; a sweet spot where data meets human intuition to make the right decision. For example, VFS Global, the world’s largest outsourcing and technology services specialist for governments and diplomatic missions worldwide, abides by General Data Protection Regulation (GDPR) law, which ensures that sensitive customer data gets periodically purged from the systems after the visa processing services are delivered.
Protecting your digital footprint with utmost vigilance requires one to be wary of the convenience offered by online products. The lack of information security awareness among users is often at the crux of most data breaches and security threats. Fact-checking information across multiple sources for yourself and seeking expert opinion to question even the most seemingly innocuous data collection has never been more crucial.
One should be very careful while opening attachments and links in emails that one was not expecting, and which appear too good to be true. Controlling the urge to react to such unexpected emails will go a long way in protecting you from becoming a victim of phishing scams. By incorporating good practices, users can go a long way in protecting their digital identity in these changing times.