Getty Images/iStockphoto

Survey Reveals How Leaders are Overcoming Cybersecurity Hurdles

A recent survey of cybersecurity leaders across all sectors reveals that most organizations see compliance with data privacy regulations as a top priority.

Over 70 percent of cybersecurity leaders from various sectors have transferred at least half of their organization’s data to the cloud, according to a recent survey conducted by Corinium Intelligence. The survey shows how data privacy leaders are enabling cybersecurity transformations within their organizations.

Research revealed that 94 percent of respondents ranked data privacy compliance as their organization’s top priority. However, 45 percent are not concerned about regulatory fines and penalties despite the growing amount of cyberattacks across all sectors.

“The explosion of remote working has created borderless networking in a way that we have never seen. Services that were done in-house are now being moved to the cloud. That’s redefining what traditional network boundaries look like,” Michael Owens, survey participant and business information security officer at Equifax, said in the survey report.

“The move to the cloud means companies are relying more and more on third parties, which extends and increase the number of external entities that are involved in every supply chain.”

The survey stated that 70 percent of respondents are “very confident” or “extremely confident” that they know where all their data is stored. Respondents also agreed that the “number one benefit of centralizing data authorization and control is ensuring data security at a fine-grained level.”

However, keeping track of vast amounts of data is no easy task. In order to combat ransomware attacks, policy complexity, and misuse of data, cybersecurity leaders must work together and establish a strategy to ensure cyber-secure digital transformation. Survey respondents largely agreed that cybersecurity is a team effort.

“It goes back to the age-old saying that you can’t do privacy without security, and you can’t do security without privacy. Most organizations and most security programs are really focused on deploying tools to make sure that the whole network is protected without really understanding the business or the data that’s involved,” Marian Reed, president of SecurRisks Consulting, said in the survey report.

“You have to look at the overall business risk and figure out what are the security components that really make sense, and what do we need to deploy in this organization to protect it? And you can’t do that if you don’t have your privacy team at the table.”

Over half of survey respondents identified concerns over keeping up with ever-changing data privacy regulations, and most listed data breaches and internal or third-party misuse of data as a top concern for enabling cyber-secure digital transformation.

Data privacy is particularly crucial in healthcare as providers store personally identifiable information (PII) and protected health information (PHI) for millions of patients. In addition, COVID-19 led to an uptick in telehealth use, providing more opportunities to attackers.

Healthcare data breaches can cause EHR downtime and delays in care, which could have catastrophic effects on patients. In addition, breaches can cost a healthcare system millions of dollars. UVM Health is still financially recovering from a breach that happened eight months ago and incurred costs up to $63 million. In addition, Scripps Health is facing multiple lawsuits over its handling of a ransomware attack in May.

Based on responses, the survey recommends centralizing data authorization and control in order to maintain an organization’s security. Lack of control can lead to technical difficulties and the creation of rogue datasets. Switching to a centralized platform ensures efficiency and security at every level.

In addition, the survey recommends that organizations adopt a zero-trust approach to data access and stresses that organizations must stay vigilant of the latest data privacy regulations. It is crucial that healthcare organizations stay on top of the latest HIPAA guidelines to ensure compliance and keep data safe from malicious parties.

Next Steps

Dig Deeper on Cybersecurity strategies