With cyber-attacks on pipelines, water pumping stations and manufacturing facilities making the headlines, business leaders and customers are increasingly aware of the need to take responsibility for protecting organizations from potential cybersecurity vulnerabilities. Cybercrime can have major consequences for companies. Therefore, cybersecurity should be at the heart of the company’s environmental, social and governance (ESG) sustainability strategy.

Investments in ESG assets are expected to grow to $50 trillion by 2025. As ESG is an important part of financial reporting in Turkey and many companies in the region are required to comply with international reporting requirements and standards, organizations are looking for ways to improve their portfolios. strengthen in this regard.

Therefore, protection against cyber threats is necessary not only to ensure business continuity, but also to protect the environment and human health. For this reason, ESG programs must include cybersecurity elements to minimize the negative effects of cyberattacks on employees, the ecosystem and society as a whole.

“This is especially important in organizations that manage critical infrastructures, because issues related to technology security have far more serious consequences than others,” said Emad Haffar, Head of Technical Experts at Kaspersky.

A Kaspersky study found that by 2021, the incidence of spyware on computers used for industrial control systems has increased by 45 percent from the previous year. For example, a cyber attack on a safety-critical power plant or oil and gas station can create a knock-on effect that affects all components of the ESG.

In addition, Kaspersky found that approximately one-third (30) of companies worldwide have significant operational technology vulnerabilities. The number of incidents in this area has quadrupled, while the risk of huge financial costs has doubled. These cybersecurity risks faced by businesses also include the possibility of physical risks such as injury or death (5 times) and environmental damage (2.5 times).

Kaspersky Sustainability Manager Maria Losyukovasay: “Cybersecurity is becoming increasingly important for organizations. This is important not only to protect against attacks or governance risks that could threaten business continuity and damage the company’s reputation, but also because it poses a real threat to human life and the environment. Industrial control systems in particular carry a great risk in this regard. It is the cybersecurity team leader’s responsibility to document existing practices as part of an organization’s ESG and address issues with concrete and measurable security solutions. Gone are the days when executives sit back comfortably and say, “We have cybersecurity insurance.”

It becomes more difficult every year to secure and protect infrastructure and data at the enterprise level. Security operations center personnel cannot handle alerts from various cybersecurity components. That’s why Extended Detection and Response (XDR) products have emerged as a suite of automated information security solutions designed to proactively detect, respond to and counteract advanced threats across different infrastructure levels.

Emad Haffar adds: “Kaspersky XDR includes a variety of tools that integrate with existing security tools and applications, allowing security professionals to monitor data on endpoints, network, cloud and email servers. It also adds analytics and automation capabilities to detect and eliminate existing and potential threats, all of which contribute to compliance with ESG standards.”

But unless organizations train their employees, even the most advanced cybersecurity solutions become less effective.

“Staff needs to be trained in the changing threat landscape using more than traditional methods,” says Haffar. “To do this, Kaspersky has launched the Automated Security Awareness Platform (KASAP). This platform provides an easy-to-manage online tool that elevates employees’ cybersecurity skills. This provides industry organizations with an online tool they can reuse to launch and execute their internal cybersecurity awareness programs.”

Cybersecurity has become more than a security issue as its environmental, social and governance impacts emerge. The long-term sustainability of business requires a healthy society and environment, as well as profitable business operations. Investing in cybersecurity today will not only help the organization avoid a potential breach or insurance claim, but will also increase trust, reduce risk and contribute to overall economic growth.

Source: (BYZHA) – Beyaz News Agency