The way we work has changed drastically over the past two years; we have been working from our sofas and airport benches, and attending remote meetings from our cars. The pandemic has flexed the future of work and, with that, IT experts are working tirelessly to protect our cyber activities.
Sonja Haavisto, our Head of Group Communications, sat down with our IT Director, Pekka Nurmi, to understand: How can we protect our data? This year, criminal cyber-attacks have increased more than ever in the US and worldwide. Global enterprises like Cimcorp must tackle the increasing risks of employees working from home and the business environment in a world of growing cybersecurity challenges.
What does cybersecurity mean for a global company like Cimcorp?
Pekka In a nutshell, cybersecurity is credibility. I expand on this in this video about Cimcorp’s cybersecurity approach.
An employee’s worst nightmare is to be the one whose credentials were used to compromise the company’s data. It is a nightmare no one thinks about until their screen suddenly turns black. Our job in IT is to protect our employees from that responsibility.
Pekka Nurmi, IT Director at Cimcorp
In your opinion, why does cybersecurity continue to be a hot topic today?
Pekka Cybersecurity is a constant battle. People build systems and software, and we make mistakes. Information security is the afterthought to secure these mistakes and make it harder for attackers to take advantage of them.
Human error is one of the biggest challenges facing global companies. At Cimcorp, more than half of our value is in our data and systems. Now that we are operating globally, we implement processes to protect the company from internal and external threats to our security.
What are the top security topics on your business agenda?
Pekka Information security continues to be a leading discussion in many of our meetings. Customers in the warehouse and distribution sector know their security measures and they demand from us, as a solution provider, protection for their organization’s security.
We match our customer needs and insurance company compliancy, and preserve our overall informational assets.
There are three pressing topics on my agenda today. MFA (Multi-Factor Authentication) is necessary for us. I consider MFA to be the Swiss army knife of information security, combating over 90% of all information security risks.
Secondly, we are moving all our systems behind a secure network gateway to protect our software and systems and promote visibility within the organization.
Like us at Cimcorp, our security solutions employ automation and modern technologies to safeguard our users and devices. Advanced services facilitate security processes with fewer logins and less hassle.
Thirdly, awareness training empowers our employees and network users to safely use the company’s network. We educate our employees and partners about pressing modern threats such as social engineering and email phishing, as well as about safe usage of Wi-Fi and practical day-to-day business usage.
What are the biggest cybersecurity challenges of 2022 and in the years ahead?
Pekka The world changed overnight in March 2020. After that, there is no going back to any kind of non-active approach to security. So, one of my biggest tasks today is finding ways to satisfy our customers’ information needs on our cybersecurity capabilities as a solution integrator.
There are no all-encompassing certificates available to guarantee our customers that we have the proper cybersecurity processes in place — this is a challenging task. ISO 27001 isn’t sufficient proof.
Cyber insurance might pass as a sort of information security certificate if a company is good enough to get insurance for a substantial amount. So, if an insurance company is insuring us for millions of euros, then it proves trust.
We are in the business of automation and robotics. What are the most challenging cyber risks or threats in our industry?
Pekka Cryptoviruses are one of the most serious threats out there. I am most worried about a cryptovirus encrypting our information.
While we have safety procedures and a protection strategy in place, the amount of work it would require for our employees is massive. Data would be safe, but it would still probably take weeks to get everything back to its proper status.
IT experts worldwide see cyber-attacks as inevitable. Is the ‘zero-trust IT’ philosophy the right mindset with which to approach organizational security?’
Pekka We use the zero-trust philosophy as the baseline. Today, more than 20 percent of Cimcorp employees choose to work remotely, and another 50 percent work remotely sometimes. So cybersecurity means that, no matter where our staff choose to work, they are always protected.
Cybersecurity is a challenging task and is a shared responsibility – our IT department cannot do it alone. We have a strong foundation of protection in our Cimcorpers. We collectively protect the organization through cybersecurity awareness training and our IT mitigation strategy.
You talked about hybrid work and organizations moving towards the duality of work mode. How can companies protect their employees’ security and privacy while working from home?
Pekka Security for employees working from home is an entirely different ball game. We are on a gradual move towards a simplified approach to security. Flipping from a ‘world of complete control’ to a ‘world of simplification’ is the next big thing.
Many enterprises are changing their approach to cyber safety by making it simpler to be security aware. Enterprises need to have IT working more with, for example, facilities management and HR to reach simplicity.
It’s also more and more a business & IT architecture game, where the biggest wins are made through the introduction of valid business platforms – in both cybersecurity and business in general.
Our security strategy protects our bottom line. Cybersecurity insurance is at least 300% more expensive than at the start of this year. These numbers are a signal that cybersecurity is at the top of everybody’s agenda.
Continue the topic with Future of Field Service content — check out how Pekka streamlines Cimcorps’ IT.
Order automation Insights
Data and cybersecurity will continue to be the underlining topics on many business agendas for the years to come, as competitive companies must find innovative solutions to secure their customers’ data.