Security Is Your Best Business Ally
Industry Trends and Technology, Point-of-View
Originally published in OpusCapita Journal.
If it can be digitalized, it will be. The expansion of the digital world into all areas of life makes security critical in all sectors. We asked Jarno Limnéll, Professor of Cybersecurity at Aalto University, to share his views on this important topic.
“Companies whose processes and digital services run smoothly and whose systems are safe to use and work environment secure, in physical and intellectual terms too, will have a significant competitive advantage,” says security policy expert Jarno Limnéll.
The logic is that security lays a foundation for trust and reliability. Trust is an increasingly valuable asset for companies in the globalized world. Similarly, repeated failures in information security undermine the trust of customers and partners, and sooner or later the company’s business will suffer.
“Having a sense or feeling of security is an important element of the security picture. If security measures are appropriately focused and sufficiently extensive and are implemented strategically and systematically, people will feel more relaxed in their work and achieve better results. All in all, security is an integral part of a good, happy life.”
Limnéll does not consider that digital security, or cybersecurity, is a separate issue. He sees it as one of the many aspects of security.
“We already live our daily lives simultaneously in the physical and digital worlds, and this will be even more marked in the future. For this reason, security must be developed as a whole, based on this new reality.”
Limnéll sees indifference and poor judgment as the largest cyber threats.
“This is why cybersecurity is primarily not about technology, but about attitudes.”
Nevertheless, cybersecurity projects continue to be technology-focused. “When trying to find a solution to a specific technological problem, people tend to overlook the bigger picture, which is a pity,” says Limnéll.
Many questions should be asked and the big picture should be outlined before going shopping for solutions. What data needs to be protected and against which threats? What data categories do we have and what is the required level of protection? The big picture also includes security measures in the physical environment, such as access control, workspace arrangements and monitoring and surveillance.
It is important to realize that there is no absolute security – and there never will be. It is not possible to protect against all threats, and all technologies can be cracked. But if a denial-of-service attack occurs or a virus enters the system, for example, this can, to a high degree, be tolerated and operations normalized if continuity and recovery plans are in place.
The security of complex systems is a major challenge for companies.
“A company may have a dozen suppliers connected to the same set of systems. When something happens, it is not easy to find out where the system needs fixing. Companies now seem to be looking for solutions where a single supplier is responsible for the entire system or set of systems,” says Limnéll.
The cyber boom created by digitalization has increased public awareness of cyber crime and other cyber threats. Limnéll has a background in military security, which means that he is aware of the full gamut of threats in the digital world. Nevertheless, the negative tone of the public discussion on cybersecurity bothers him.
“Digitalization is an enormous opportunity, and security is always a good thing. It’s unfortunate that such a positive issue is largely approached in terms of threats and fears.”
In an increasingly digital world, information security is an intertwined combination of global, local and individual information security. Cybersecurity is becoming more global but also more personal. We are both agents and objects.
Occasionally, security and business interests collide.
“For example, when companies are developing major innovations, they are so busy trying to introduce the product before their competitors that they forget to pay attention to security aspects and hastily come up with a solution in the final stages of the project.
“Integrating security into a product retrospectively is challenging, if not impossible. Security must be considered from the very beginning of the innovation and development process.”
Jarno Limnéll, VP, Cyber Security and Business Development at Insta Defsec Oy, also serves as Professor of Cybersecurity at Aalto University. He holds a Doctor of Military Science degree, a Master of Social Sciences degree and an officer’s degree. He previously worked as Director of Cyber Security at Intel Security.
Read more blog posts about Point-of-View
The struggle to create a ‘digital business’ and why we fail
22 - 01 - 2019
According to recent reporting, most CFO/CIOs are on the path of digital transformation - but the majority fail to achieve their ambitions. Why?
Why Has the Digitalization of B2B Trade Not Gone All the Way?
24 - 05 - 2018
Especially in the Nordics, e-invoicing has already become business-as-usual in the B2B trade. The digitalization has not extended to corporate purchasing and ordering. Why not?
The New OpusCapita Is a Provider to Know
16 - 05 - 2018
Do you know the new OpusCapita? In this blog, CEO Patrik Sallner shares his views on the recent transformation of the company and discusses why OpusCapita is a Provider to Know.
Other content you might be interested in:
How to manage fraud and risk in Cash Management
on demandOur third webinar about Risk and Fraud Management in purchase-to-pay and cash management introduces a complete framework for mitigating the risk of fraud and cybercrime.
How to ensure that your purchase-to-pay process is safe from fraud
on demandOur 2nd webinar about risk and fraud management in purchase-to-pay and cash management is focusing on risk management and mitigation.