Niamh Muldoon, Trust and Security EMEA at OneLogin
Safety and security have not been embedded into the people, processes and technology at our businesses. This needs to change
When we think about the definitions of ‘safe’ and ‘supportive’ from a technology perspective, it’s important that we acknowledge they mean different things to different people. From OneLogin’s perspective, it’s about trust. It’s how you demonstrate to your customers what each means, and in our case, it’s about delivering a quality service and balancing cost and risk.
This is increasingly important for the many global businesses that work around the clock, without extending this attitude to their security. While no organisation is entirely breach-proof, if the round-the-clock attitude does not extend to their security posture, it is going to represent a problem. Unless a security programme is holistic and represents an all-encompassing approach to security, there is a huge risk. However, it’s important to reaffirm that there’s no such thing as a silver bullet that an organisation can use to kill the threat of data breaches.
Another problem is that cybersecurity is not an issue that captivates at board level. Whereas some organisations are great at recognising this, some still do not understand the financial and reputational damage that a breach can create. It’s important to see trust and security as a brand differentiator – it’s something that can really set you apart from your competition with the right investment of time, resources and expertise and can help your organisation to become an example that others can follow.
This will help to foster an appropriate culture of security across your organisation’s people, processes and technology, which is also missing from many enterprises. To give an example from a recent OneLogin Remote Work survey, only 38 per cent of organisations had deployed a multi-factor authentication solution to keep their employees safe and provide a more secure method of login. Even worse, 13 per cent of organisations said they had not applied any further security measures whatsoever. This failure to foster a culture of security – meaning security programmes do not become priorities within the business structure – is leading to the widespread failures to do the basics right, which in turn leads to poor security cultures and, eventually, security incidents that can do an organisation serious damage.
There is another way: If you can partner with an organisation that works with you to ensure that security is built into every facet of your business, you can create a safe cultural environment where security can thrive and threat actors find fewer and fewer routes into your network.
Work to embed security into all of your people, processes and technologies. To find out more click here.