Can good cybersecurity policies improve our quality of life?

In 2020, The World Economic Forum (WEF) named cyberattacks as one of the top long-term threats facing the planet in its annual global risk analysis report. With the damage to reputation, consumer trust and financial loss now well documented during high-profile data breaches, businesses are more aware of the risk they face and how they can better protect themselves. However, one area of cybersecurity that receives less attention is the impact good cybersecurity practices can have on quality of life.

The Mid-Year Data Breach QuickView Report, highlights the extent of this problem, revealing that the number of records exposed this year has been four times higher than any previously reported time period, at an incredible 27 billion.

Yet, while the impact on organisations has been well documented in the media, cyberattacks such as the First American Financial Corp. data breach in 2019 has highlighted the long drawn out journey consumers also face when their information is taken.

Digital Quality of Life

Before going further in this blog, it is important to define exactly what is meant by a digital quality of life. The concept itself revolves around five key pillars that influence digital equality and wellbeing. These are internet quality, affordability, cybersecurity, online government services and electronic infrastructure. The idea is that when these five pillars are secured, the standard of health, comfort, and happiness experienced by an individual or group increases.

What role does cybersecurity play on individuals’ well-being?

The link between well-being and cybersecurity is one that is pretty straightforward. This is because while the organisation affected by a cyberattack may leave the news after weeks or months, the journey for the consumer can last a lifetime.

Indeed, there can be no doubt that becoming a victim of a cyberattack or having your data stolen in a breach is extremely stressful, with Stanford professor of psychiatry and behavioral sciences, Elias Aboujaoude’s, study revealing that patients often suffer from anxiety, depression, and post-traumatic stress disorder when their personal details are exposed online.

This is understandable given that when our private information gets into the wrong hands, whether it is then used for malicious reasons or otherwise, we undoubtedly feel an elevation in anxiety. This is further exacerbated if it is a breach of sensitive information like medical records. Also adding to the anxiety is the effort to determine and follow the process in identifying information that has been taken and determining the risk is to your digital accounts.

In addition, victims find themselves having to do a lot of work to repair the damage done. This can include calling your bank if financial information has been taken, changing your passwords for any related accounts, and even filing police reports in the most serious cases of cybercrime. As it is almost impossible to tell what the outcome will be if these processes are not undertaken, individuals may feel the consequences of these breaches for a long time.

How can governments and enterprises help?

The research above highlights why a government that is responsible to create the foundation to protect and provide for its citizens would pass strong privacy laws that address the ongoing distress caused by current data management habits. Regulation that punishes those companies who are lax with their customers’ data inherently reinforces a feeling of security for citizens. It is interesting to note, that in the Digital Quality of Life Survey 2020, seven out of 10 countries with the highest digital quality of life are in Europe and are thus protected by the GDPR. From this, it appears there is a clear link between the creation of effective cybersecurity policies and the ability to reassure citizens that their credentials are secure and being used ethically according to laws set by the institutions designed to protect them.

For enterprises, investing in secure digital infrastructure should be a priority. With 75 percent of consumers reporting, in a 2018 IBM survey, that they would not buy a product from a company – no matter how great the products are – if they don’t trust the company to protect their data, poor cybersecurity posture is not something businesses can afford to take lightly.

And, although it’s great to have a plan of action when a breach or ransomware attack occurs, it’s even better for businesses to take charge and proactively protect their costumers’ private information (PII). All data security begins with implementing least privileged access to the sensitive data. The foundation for creating a data safe environment begins with controlling access to applications and systems using an identity and access management solution, such as multifactor authentication. To complete a data security strategy the sensitive data needs to be protected as well with policy that prevents unauthorized access using access controls, encryption, tokenization and maintaining audit logs. After all, in the long term these investments won’t just save the company and CSO stress, but also, just as importantly, help their customers achieve a high digital quality of life.

Learn more here about how to create an effective encryption strategy in your organisation.

*** This is a Security Bloggers Network syndicated blog from Enterprise Security – Thales blog authored by Charles Goldberg. Read the original post at: