Ferrovial Security Corporate Settings
Communication

Security and privacy in corporate settings

06 of November of 2013

We are experiencing a revolution in privacy and security management worldwide. The revolution is being shaped by new ways of relating, communicating, collaborating, using and storing information, as well as the widespread use of technology, mobile environments and cloud services.

It is a dynamic, constantly-changing situation in which we, the technology users, our blazing the trail. Moreover, this new field is being regulated only gradually (“You make the road by walking“, as Spanish poet Antonio Machado said). This means new opportunities, but also new risks.

Today we are also facing new threats: “cyber threats”. Cyber-criminals are organized and professional. A lucrative business has emerged in cyberspace: fraud, botnets, campaigns to smear businesses, industrial espionage, advanced persistent threats, etc.

Globalisation leads to cross-border risks and threats, the proliferation of WMD, attacks on critical infrastructure and cyber-crime, among others. National cyber security is now among governments’ functions and priorities. Today, a country’s security is not limited to defending its borders and its sovereignty; it must also secure society’s well-being in the face of new risks.

Security in the corporate context

Ferrovial-Security-Privacy-Corporate-Privacy

Businesses are also affected by the new rules of the game. The scope of the enterprise has changed; companies and their information are no longer confined to their physical premises. Businesses are comprised of people who move, access and manage corporate information wherever they are, on employer-issued and personal devices (Bring your own device–BYOD).

In this context, and with an increasingly demanding regulatory framework, organisations are adapting to the new situation and establishing new strategies to protect their businesses and information.

A fundamental issue which must take centre stage is raising awareness about security. Enterprises need to take steps to ensure that their employees understand the risks of cyberspace and provide them with guidelines for action in specific situations.

According to ENISA, the European Union Agency for Network and Information Security, “awareness of the risks and available safeguards is the first line of defence for the security of information systems and networks“.

People tend to view habitual situations as normal, downplaying any risks. Also, in the virtual world we tend to be more trusting and less careful than in the real world. A few of us would sign a paper document without reading it carefully. However, on the internet, we generally accept terms of use and privacy policies without actually reading them.

People are naturally trusting, and the purpose of raising awareness about security is that we should be “a little more wary”, take precautions and apply common sense. European Cyber Security Month was held last October under the slogan “Be Aware, Be Secure“. This initiative, promoted by the European Union, seeks to raise awareness among member states, enterprises and citizens about the individual and collective risks posed by the improper use of cyberspace: violations of privacy, breaches of national security, industrial espionage, attacks on government agencies and companies, etc.

The occasion was marked by more than 50 events in 25 countries which focused on promoting cyber security among ordinary citizens and provided updated information about cyber threats in order to raise awareness about security in cyberspace.

There are no comments yet