There is plethora of information available conveying the importance and facts pertaining to Cybersecurity. No point talking about the details to convince someone of these facts, take a sneak peak at some stats compiled by Varonis out of which; by far the foremost cause of a cybersecurity incident is a human error. According to one of the reports published by Kroll: 88% of the data breaches in UK were a result of Human Error. And of course: To Err is Human...!!!
At the time writing this article; the world was battling the Corona Virus which has ravaged almost every developed economy with over 1.5 millions affected and 90 thousands dead. On the other hand few countries played the Awareness game - a country with over a billion people with insufficient medical infrastructure kept the infections as low as 0.1 per million population.
On one hand we have had over 5000 breaches exposing over a 7 billion records in 2019; with an average cost of $ 300K to mitigate the breach; major cause of which is Human Error; on the other hand a country with a billion people reporting lowest percentile of infections during a pandemic adhering to just basic awareness and lock down which of course coordinated by those billion people.
Common aspects in both the scenarios are HUMANS and AWARENESS; if they are made aware of Cybersecurity: can we say a big chunk of the data breaches could have been avoided? Most Certainly - YES.
Most of these Organizations have well laid out Policies and Procedures - without a doubt
A good number of these organizations must have had Cybersecurity policies - which make sense given they are established well
With the nature of business conducted by these Organizations - its obvious that the employees are skilled and resourceful
With the Global Presence - these organizations are definitely not NOVICE to technology
Technology means: Hardware, Software, Firmware, OS, Configurations etc etc. How frequently do they get updated?
Is there a program to manage the updates and upgrades: A Patch Management Policy
Unless there are applications dependent on H/W, S/W versions - any power user can update their computing device
With most of the Business moving to Cloud - there should be no reason why Cybersecurity cannot be achieved at least to a level.
A level of Cybersecurity can definitely be achieved with a combination of the below: