Posted by ConvergeOne on Mar 10, 2020 10:00:00 AM
Raise your hand if you’re guilty of sending secure information using your cellular device. Don’t worry—we all do it, despite the inherent risk involved in transmitting sensitive information across cellular and data-driven networks. However, this could leave not only your organization, but also your customers’ personal information, at risk. Customers want to feel safe interacting with your business. A critical component of an excellent customer experience involves ensuring the safety of your customers’ data.
Let’s take a step back and first discuss the importance of a strong cybersecurity program. In its latest Global Risks Report, the World Economic Forum rated a large-scale cybersecurity breach as one of the five most serious risks facing the world today – and the scale of the threat is expanding rapidly. In 2018, the US Intelligence Community Worldwide Threat Assessment identified cybersecurity as the #1 threat for the 3rd year in a row. Cybersecurity Ventures estimates that by 2021, the financial impact of cybersecurity breaches globally will reach $6 trillion, double the 2015 total.
Coping with digital challenges and mitigating these risks is an increasingly urgent focus of organizations around the world. To gain cyber resilience and fight cybercrime, companies are boosting their investment in cybersecurity. Of the 1,200 C-suite leaders polled by EY for its 2018 Global Information Security Survey, 70% responded that they expect to increase their corporate security funding by 25% or more in the coming years.
Today, regulators, lawmakers and customers alike demand that companies take steps to improve their defenses. As a result, organizations are devoting more and more time to developing crisis response plans for potential attacks. Two years ago, IBM opened one of the country’s first cybersecurity sites in Cambridge, Massachusetts, to help companies learn how to respond to simulated cyber-attacks. The company describes the experience as “a game of Clue mixed with a Disney roller-coaster ride.”
A Secure Customer Experience
The best place to start in providing a more secure customer experience is the office of the Chief Information Security Officer (CISO). The CISO is a Cybersecurity expert assisting organizations to successfully implement their security and privacy strategies. Their focus is on business imperatives, protecting IP and the brand, achieving or maintaining regulatory compliance, establishing a culture of security and ensuring that a resilient, adaptive security strategy exists. That’s why we interviewed ConvergeOne’s Chief Information Security Officer, Collin Buechler, to determine the steps to ensuring a secure customer experience.
According to Buechler, “every day is a new threat landscape.” New and emerging challenges – including risks generated by the use of mobile devices, the vast volume of evolving threats and vulnerabilities, and the difficulty of complying with the expanding regulatory climate – have added to the complexity of fending off cyber-attacks that affect sensitive customer information.
Though consumers are typically aware of the risks, they believe that digital channels are mostly secure. In reality, hackers are everywhere, and the majority of breaches are caused by an attack on the company’s people rather than its technology. An entire ecosystem exists on the black market to develop and sell viruses, which are implanted via malicious emails, phishing, and other social engineering methods.
For example, a large U.S. based financial services firm suffered a security breach in 2018 that exposed the personal information of thousands of its customers. The hackers were able to gain access to the data by impersonating financial representatives and tricking the firm’s information technology help desk into resetting passwords. This is an example of “vishing” (a portmanteau of “voice” and “phishing”) – whereby a malicious actor impersonates someone over the phone to trick others into providing customer or personal information – and it’s becoming all too common. In fact, 60% of account takeover incidents involve the contact center, and the impact of these attacks is tremendous: Identity fraudsters stole $16 billion from 15.4 million victims in the U.S. last year alone.
The attack on this financial services firm illustrates an important shift in how companies need to approach cybersecurity. We call this shift “posture over product.” What this means is that cybersecurity needs to be a balance of people, process and technology. Good security is not found in a “box” or any single product on the market. Good security is about having a negotiable feel for people and how they learn best, processes and policies that are fully understood, adopted and yield consistent results, and technology that is field validated, not just innovative or unique. Lastly, cybersecurity should be right there with concepts like corporate governance and safety, fully ingrained in the culture of the organization, and with a strong setting of “tone at the top.”
Check back soon for part two of this blog series, where we will share the steps you need to take to deliver a secure and excellent customer experience.
Are you providing a seamless and secure
Your customers expect their data to remain secure. A breach could significantly impact their privacy, not to mention their trust in your organization. Download this ConvergeOne white paper to learn how to make the shift toward a more cyber-aware and secure culture while maintaining the high level of service your customers demand.