Change in mentality necessary in the fight against cybercrime
April 16, 2017
‘How many firewalls do we still have to build before we realise that more of the same isn’t helping?’ Ad Krikke, DSM’s Corporate ICT Security Officer, advocates a new way of looking at cybercrime.
The estimates of the damage that cybercrime causes to companies vary, but in the Netherlands alone, this is said to be around €10 billion each year. Even though new technologies are constantly being developed, Internet criminals aren’t sitting still either. It seems to be a race without an end, and the question is whether or not this pattern shouldn’t just be broken.
Ad Krikke: ‘In spite of all the investments in advanced security technology, DSM is also adversely affected by cybercrime; the recent phishing attack, fake emails with our director’s name at the bottom, and hacked sites. At the same time, we know that the new security technology that we are building today will just be compromised next year. The effectiveness of anti-virus software has decreased considerably in recent years. Additionally, there is legislation in the making in both the Netherlands and Europe that can, for example, make it possible to hold directors personally legally responsible in the event of a serious data leak, and then I’m not even talking about the astronomical fines. If you add up all these facts, I believe it is high time for fundamental changes.’
Fear is a very bad adviser
‘We must not allow ourselves to be intimidated. It is better to learn to change our mentality and look at the possibilities that digital transformation offers. Try not to think of it in terms of a walled castle but as a shopping centre that anyone can walk into; in one store, you can get your own sweets from a bin, but at the jeweller’s, you will notice that the shop has strict security measures in place.’
The right solution
‘We can learn from the music industry: years ago, encryption was used to stop illegal copying of CDs. That did not turn out to be the right solution. By using new Internet technology, organisations such as Spotify and Apple introduced a solution in which known users pay for the secure downloading of music. The result was a sharp decline in illegal downloading, and the creation of new business opportunities for the music industry.’
‘Cybercrime causes concerns about the protection of our intellectual property, for example. On the other hand, we also know that protecting information can place restrictions on how we work with other parties. Conversations with employees have shown that changing our mentality can also result in new opportunities in this regard too. This includes faster development of new products, or making better use of our means of production. I have been convinced that a race driven by fear does not always produce sustainable solutions, and can actually hinder processes at DSM.’
‘Fortunately, there are also more sustainable technical measures in place now, such as the digital passport system, Identity & Access Management. We use this system to give users controlled access to DSM information. If, just like in the music industry, people are willing to pay to use information, then this system forms a solid foundation and also generates income.’
Changing our mentality
Many specialists emphasise that we are at risk of getting stuck in an endless race, Krikke says. ‘The current reality demands the highest state of alertness, and continuous investments in security technology, but it is high time for us to change our mentality. I invite everyone at DSM to contribute ideas: how can we make ourselves less vulnerable to cybercrime while at the same time employing digital transformation to open up new business opportunities?’
Executive Program in Strategy & Enterprise Architecture
The Executive Program in Strategy & Enterprise Architecture incorporates the highest standards in business strategy, enterprise architecture and IT processes. Become the lynch pin linking your business model to a sustainable and profitable strategy.
Read more about this program