Business resilience

Digital migration unveiled a new world, but it is necessary to protect yourself against attacks

Mulher com tablet
As the World Health Organization (WHO) acknowledged the pandemic, social isolation policies were adopted, thus causing a compulsory migration to the home office and digital work.

According to McKinsey & Company global research ‘Covid-19: Impacts for Business’, companies have sped up their digital transformation, customer interaction, and advances in supply chains, the equivalent of four years of working under normal conditions.

To meet the changes caused by digital transformation, companies needed (and still need) to adopt a series of measures to speed up the maintenance of their current business and even create new organizational models:

  • To understand that digital transformation is more a strategic process than a technological one. In other words, it is not enough to develop future scenarios without a high capability of execution. Hence, it is up to business leaders to understand that alignment between strategy and execution is essential to the survival of the business;
  • To constantly monitor the maturity of the business, both for the elements necessary for transformation as well as for innovation and processes that support these initiatives;
  • To constantly monitor the market. Therefore, data from companies that adopt new technologies and show positive results are important to understand what their business strategies are. It is important to highlight that these companies may or not be tech companies. A business intelligence capable of collecting and analyzing data is important in creating feasible technological routes;
  • To understand that data is a great asset. Therefore, it is strategic to have teams dedicated to capturing, treating, and assisting decision-making. More important than traditional operational structures, it is decisive the shift to teams focused on data and new offers of value to the market.

In the face of this expedited transformation, there is a list of implications for most businesses and
an expectation of identifying responses or paths. Among them are the basic requirements for remote
work, which include, for example, the demand for a fast, stable, and secure internet connection, in
addition to an ergonomic environment suitable for carrying out tasks.

The FDC survey, in partnership with Grant Thornton Brazil, “New ways of working: adapting to the home office in Brazil in times of crisis” carried out a few weeks after the isolation policy - indicated that 90% of the respondents showed confidence in the technology for home office work, including video conferencing and online file sharing. This shows that the security issue was not yet a concern.

However, over time and the increase in the rate of domestic accounts and invalid or cloned home
networks, security has proved crucial and has triggered a warning to business leaders.

In times of social isolation, it is essential to promote the development of policies and practical mechanisms that can be suitable for accessing virtual communication networks without compromising the privacy and confidentiality of your information.

Even with the Covid-19, the country has been working on actions aimed at digital transformation and data protection and management. According to the Cybersecurity Ventures website, it is estimated $ 6 trillion in financial losses worldwide in 2021 caused by hacker attacks, an increase when compared to the $ 3 trillion recorded in 2015.

To meet the speed of change, companies are implementing measures to mitigate possible cyber-attacks and maintain information security:

  • Check if your company supports the process of reliability, integrity, and availability of information;
  • Assess whether or not the technologies provided to employees meet requirements such as: equipment speed, connectivity, security, among others;
  • Implement policies with clear and specific rules to apply the BYOD (Bring Your Own Device) adaptation. For the successful implementation of BYOD, companies must have a good corporate information security policy, provide training to employees to understand the rules for implementing the policy, and the operating system must accept outdated versions of equipment;
  • Adopt technologies that can sustain customer relationships and interactions even remotely;
  • Keep updated procedures, rules, and policies related to data processing, transmission, and collection;
  • Understand and know the General Data Protection Law (LGPD). The Public Prosecutor’s Office has acted rigorously with regard to penalties;
  • Offer cybersecurity training for all employees and partners, adapting manual activities that
    could be robotized;
  • Consider the increase in traffic when reviewing information security protocols and adjust the features of your Security Operational Center (SOC);
  • Constantly monitor companies’ files that are being saved in the cloud;
  • Establish data encryption and sharing rules;
  • Provide adequate training to the IT team so that the department can accommodate a greater number of requests that will come with remote working;
  • Design and execute a clear protocol for cases of suspicious activities;
  • Perform a detailed risk assessment and comply with procedures to mitigate the possibility of failures; that is, perform the cybersecurity ritual;
  • Create layers of defense and mechanisms capable of detecting risks and delaying the action of hackers;
  • Insert data protection at the core of the strategy and not just a concern of the IT department;
  • Develop data dashboard and alerts in real-time in order to support to the different executive levels;
  • Formulate emergency response plans in a timely manner to address issues related to information security;
  • Make changes with regard to the support of the IT department, so that the area can meet the increase in the number of requests;
  • Ensure that the three pillars - people, processes, and technology - converge towards the adoption of corporate policies and strategies that enhance data and information security.