We are failing to attend to important things because we "don't see them," don't feel them, or simply because we "trust" that nothing will happen.
by Gigi Agassini, CPP*
Modernity has brought several relevant changes in society and has led us to be more flexible, more fickle, which implies a fragmentation of lives demanding that individuals be willing to change tactics.
This began with globalization and has accelerated exponentially with the use of technology, digitalization and the use of applications such as social networks, which give us almost immediate access to what happens in other parts of the world; These changes are not alien to our day to day and much less for the security professional.
At the end of 2019 we learned through social networks of a virus that changed our lives exponentially, impacting our habits, leading us to generate new processes and give greater importance to hygiene; also accelerating the digitalization of business and challenging us to innovate in the way we relate and do business.
And this is just a small example of the daily changes to which we are exposed and for which we must adjust to give continuity to business and as a society.
Certainly, after almost 3 years of pandemic (and what is missing) and depending on the measures we have according to our country, city and corporation, we have been resuming activities: some as before, others differently and others we probably eliminate from our list.
To mention some of these changes in our activities are:
- Increase in electronic commerce.
- Jobs: some hybrids, between remote and offices, significantly reducing the spaces of use.
- Massive events: some places with greater affluence and others with much less.
- Significant increase in applications for webinars and meetings, which are here to stay.
- Congresses: many hybrids to reach more places. People prefer targeted meetings (depends on country and city) with fewer people and more personalized.
- Education: several classes, diplomas, masters, specializations (depending on the subject) were moved to hybrids, to allow greater globalization of both specialists and participants.
And the list can go on on on the number of activities that in our daily lives, in the personal, family, social, work areas, as well as in the way of doing business, were modified and continue in that transformation.
With all these day-to-day dynamisms it is easy to neglect some other areas that require our attention, precisely to efficiently address and manage the risks that arise from this dynamic world.
I ask you dear reader: within your day to day and about the changes that are emerging for you and this world of new habits that considerably increased the use of technologies, applications, information technologies, interconnection with other systems, with other countries and more, are you aware and active about the threats that this entails? And you will probably answer a blunt "yes" with a taste of "obviousness" to the question exposed.
And it is that sometimes we assume that certain processes or activities follow their normal course, and they are fine, because probably until today nothing has happened to us, or probably, we have not realized (which is serious) or maybe we continue in the denial that it does not happen to us or if it happens to us, It will be little.
The world is increasingly dynamic, so much so that there is a tendency to "normalize" what is happening around us: violence, crime, organized crime, drug sales, cyberattacks, fraud, information theft, identity theft, wars, transportation theft, shootings, homicides, theft, etc.
We should not ignore that the physical world and the digital world today are "one" but protect each other differently, and although several standards converge on both, there are several that are specific to each of those worlds.
The truth is that all of the above leads us to the fact that we are failing to attend to important things because "we do not see them", we do not feel them or simply because we "trust" that nothing will happen; The tendency to overtrust intangibles grows with the use of technology, because we do not see what happens between all the connections, shared information and more.
The easiest way to try it is to start with our personal habits. I ask you reader, how many times do you change your passwords? How robust are they? Or, are you one of the people who uses the same password for everything because it's hard to remember them all?
This is a small example that will allow us to measure how much we pay attention to things that seem small but that can affect us significantly, to the extent of not allowing us the continuity of any business and even the disappearance of this.
It is undeniable that the collaboration of many areas is imminent to provide and guarantee business continuity, but it is very common to agree that "it is the responsibility of the other" when in a divergent world like the current one, which changes at every moment and in which we do not have enough time to adapt to the speed of change, Larger gaps continue to open up.
Ensure business continuity
Key areas such as "information technology, legal and security" become the cornerstone to ensure the continuity of any business. Continuing to work in silos only increases the possibility of a risk that may be impossible to recover such as a kidnapping of information or a millionaire penalty, all for not duly complying with the regulations and standards according to the turn to which we dedicate.
This is just a small glimpse into the impacts the business may be subjected to; and it is true that much is said about cybersecurity, cybercrime and the different crimes that grow rapidly around the world, but are we really working with IT to guarantee compliance with cybersecurity policies according to the framework that governs the company? Or, are we working with IT and Legal to ensure proper handling of privacy and personal data, as well as information security?
These are just a few questions that I leave on the table for you to think if from your responsibility (whatever it may be) you are doing the same to contribute to regulatory compliance, standards and reduce risk to the business.
So how do you relate today? You continue working in silos, in your cave or you are really making a difference collaborating with other areas and contributing to guarantee the real continuity of the business.
As I mentioned at the beginning, we are in a changing and dynamic "liquid" world, if today you are not making decisions for new technologies such as 5G, let me tell you that you are going to be late!
Until next time!
* Gigi Agassini, CPP
International Security Consultant