Cybersecurity as a facet of growing CSR demands
According to the World Economic Forum’s (WEF) 2021 Global Risk Perception Survey, cybersecurity failure ranks as the fourth most threatening short-term global risk, singled out by 39% of the respondents. With personal data becoming a driving force of the fourth industrial revolution, ethical approach and responsible data management are among the goals of corporate social responsibility (CSR).
SASB Materiality Map’s data show that customer privacy and data security issues are likely to be a relevant CSR issue for more than half of the companies operating in the software & IT service industry. Enterprises are responsible for keeping their clients’ and contractors’ data safe, in addition to securing their own corporate information.
Today, data is a product of economic activity and the material for further growth. Private information, however, is a part of everyone’s identity, and no measures can be too strict in trying to protect it. Appropriate and robust security measures should be every company’s commitment to society.
“Companies should consider cybersecurity as part of their CSR strategy to manage risk, build trust, and stay resilient in a changing digital landscape”
Employees lack digital literacy
In 2021, global cybercrime is estimated to cause $11.4 million of damage per minute. In an interconnected and digital world, collected data is no longer a simple asset and requires appropriate measures and a company’s social responsibility to secure it.
While growing reliance on digital tools and network connections bring progress, not everyone benefits equally. Socially responsible businesses should be also aware of those unable to keep up with the change. For instance, there are 1.9 million households in the UK without internet access, and many rely solely on pay-as-you-go services.
Despite the pandemic having proved the majority’s ability to telework, the WEF’s Global Threats Report has also found that a worrying 60% of adults lacked basic digital skills when schools and workplaces shifted to remote work. With 85% of companies planning to accelerate the digitization of the workplace, indifference might aggravate the situation.
“Digital literacy is a key skill in today’s transforming world, contributing to growth and economic development. Cybersecurity issues also have a role to play, as people lacking digital knowledge are vulnerable to social engineering attacks and other forms of scams,” says Juta Gurinaviciute, the CTO at NordVPN Teams.
Data privacy is only one part of the story, as 23% of countries censor or ban independent news, limiting their citizens’ access to digital resources and preventing them from political action. In such scenarios, cybersecurity tools, such as VPNs, help those oppressed overcome the restrictions and drive change.
Cybersecurity at the core of every company’s resilience strategy
With more regulations put to action, people are becoming conscious about the data that corporations gather. They can now question the misuse of information, and authorities have more power to investigate those cases.
Enterprises now must comply with General Data Protection Regulation (GDPR) guidelines, California Consumer Privacy Act (CCPA), and other rulings in a set of countries, but the deliberate initiative of data transparency contributes to the company’s CSR and builds customer trust.
“If security is perceived as a social imperative, by protecting data businesses will contribute to the overall information hygiene. Malicious actors, leveraging vulnerabilities and people’s ignorance, shouldn’t only be treated as criminals, but as a social issue as well. By protecting clients’ data as strictly as their own intelligence, companies will contribute to the safety of cyberspace,” comments NordVPN Teams’ CTO.
More than half of chief information security officers (CISOs) plan to implement cybersecurity into every business decision they make. No doubt it will soon find its way into CSR manifestos.
To accelerate change, organizations can integrate cybersecurity goals among other objectives and measure them accordingly. By making cybersecurity one of the KPIs, companies can contribute to the thriving digital economy and build common resilience.