A few decades ago, cybercrime was limited to lone hackers trying to compromise systems using a single PC, but today there are serious players in the landscape with nearly unlimited resources.

It is impossible to predict what will happen to a company and who will be targeted. Businesses need to put themselves in a position to recover even in the worst-case scenario. Business leaders must be ready to protect their data wherever it resides, from PCs and the edge to the data center and cloud.

The World Economic Forum’s 2022 Global Risks Report states that ransomware attacks increased by 435% in 2020 and that cyber threats are exceeding society’s ability to prevent them. According to CyberSecurity Ventures, a ransomware attack is projected to take place somewhere in the world every two seconds by 2031.

Businesses therefore understand that they need to invest and do more in cybersecurity. Lenovo research shows that 59% of business leaders are likely to invest in security tools in the next five years. However, given the complexity of the threat landscape, organizations must initiate a dynamic security response to ensure they protect their data by choosing devices and IT infrastructure solutions that are designed for security. They also need to ensure their employees understand the complexities of cyber threats and have the right resources to deal with them. They say data is gold, so it should be protected like gold.

Understand the threats

When devising an effective cybersecurity strategy, it is important to understand that threats come from all directions. In the past, we viewed security as a fence that allowed data to flow freely throughout the organization. The closer the computing capacities get to the data, the larger the threat surface becomes.

When it comes to PCs, hybrid working has led to more and more employees using their laptops in a coffee shop or a hotel outside the “four walls” of a company building. People are still unaware of the security risks involved.

In the event of a cyber attack, it is also important to acknowledge the reputational damage.

Tikiri Wanduragala, EMEA Senior Consultant at Lenovo ISG

For the data center, too, companies need to ensure their defenses are at a whole different level. Fortunately, you don’t take your server or storage system to the coffee shop, but if an attacker can get hold of a server’s dataset, they can gain access to all activity in the company. It may be an existential threat. Business leaders therefore need integrated security systems that can handle this problem.

In the event of a cyber attack, it is also important to acknowledge the reputational damage. It’s not just about data loss; If you don’t get it back quickly, it can have a huge impact on customer trust and loyalty. Transparency is also a crucial element in the eyes of the public. Therefore, when a company is hit by a cyber attack, it should be aware of what happened, transparently communicate it to its customers, and what actions were taken to resolve the issue.

Infrastructure with built-in security

How does a company defend its data in this ever-changing world? First, they can do smarter things with their IT hardware and infrastructure. That means you need to choose data management solutions that have built-in end-to-end security, from the edge to the cloud. Wherever your data resides, it needs to be protected.

Modern IT infrastructures must withstand increasingly sophisticated security threats – and this requires built-in remediation functions. It is becoming increasingly important that an audit trail is in place throughout the machine lifecycle. Servers are incredibly valuable assets to a business, so ideally executives need tamper detection and monitoring built into the actual chip design.

Server monitoring, the systematic tracking and measurement of processes and operations on a server, can be used to collect insightful data and draw conclusions about the health and condition of servers. This ensures that they achieve an optimal level of performance.

privacy plan

A data protection concept is also of the utmost importance. Businesses must anticipate losing data and create a situation where they can recover it. It doesn’t matter if it’s in the cloud or at the edge, they need a system to back it up. When companies keep data in a safe place, they can be attacked and still come back quickly.

A robust data protection plan improves security and protects company assets by helping prevent breaches and data leakage. This means organizations can avoid the financial consequences of a security breach, protect company assets, protect customer data, and protect the company’s reputation and brand.

To ensure maximum security, managers should select suppliers that have secure supply chains and knowledge of all original manufacturing parts.

Tikiri Wanduragala, EMEA Senior Consultant at Lenovo ISG

To adapt to today’s rapidly changing cybersecurity environment, business leaders must also take a longer-term view and adapt to current and future threats. Data must be protected from the start of a machine throughout its lifetime to the point where it is safely and properly disposed of.

To ensure maximum security, managers should select suppliers that have secure supply chains and knowledge of all original manufacturing parts. Outsourcing infrastructure and software to third parties creates a larger threat surface for an organization. That’s why it’s important to regularly review supply chain security risks and understand each supplier’s sourcing standards. This allows companies to see exactly which areas are most vulnerable and therefore require the most investment.

Safe design in PC hardware

Security must also be considered throughout the PC hardware design process. Business leaders should choose hardware that puts security first and has innovative features like unified endpoint management that can monitor, control, and lock down a device.

Devices can also be integrated with unique privacy warning features that provide additional layers of security when working remotely, e.g. B. Triggering a privacy gate when an unauthorized user’s face is detected looking at the laptop screen. Additional features such as secure browsing, sandboxing and data encryption are aspects that can be built into the basic design of a laptop, giving executives the confidence that they are doing everything they can to keep their corporate data safe.

The Zero Trust architecture is also an efficient way to secure hardware to ensure data is only accessible to trusted users. The principle is to assume that no one is trusted inside or outside an organization. Access to network resources is tiered through gateways for strict identity verification.

The Zero Trust architecture is an efficient way to secure hardware and ensure data is only accessible to trusted users.

Tikiri Wanduragala, EMEA Senior Consultant at Lenovo ISG

The use of multi-factor authentication (MFA) is a key feature of zero trust and helps create a more dynamic approach to security, regardless of where the end user is located outside of an organization’s four walls.

When choosing PC hardware and even servers, it’s critical that organizations choose products and solutions that have security built in from the start, rather than as an afterthought or add-on. Implementing security early in the product lifecycle ensures that it is a fundamental consideration and can be improved or changed as products are upgraded. Suppliers can even rely on third parties to ensure their hardware or software is tested and approved before being incorporated into products.

A look into the future

Business leaders need to think carefully about their hardware, from PCs and the edge to the cloud, and from the beginning of the lifecycle to the end. As cyber threats become more complex, choosing the right hardware and software layers to defend against them becomes increasingly important.

Perhaps most importantly, business leaders fully understand the value of their data and communicate it both within their organization and with partners. Awareness of the value of data is the most effective defense an organization can have, and it’s high time organizations made this a priority.

This is a contribution from Tikiri Wanduragala, EMEA Senior Consultant at Lenovo ISG. For more information on Lenovo ISG solutions, click here.