August 9, 2017 By Domenico Raguseo 2 min read

In recent years, cybersecurity has become a major disrupter across the globe. In a business landscape that depends on digitization and accelerated transactions, cybersecurity is crucial to both providers and consumers. Those consumers must consider cyber resilience when shopping for services or products, even if a vulnerability doesn’t directly affect the device itself.

Shifting the Consumer’s Mindset Toward Cybersecurity

Take the Mirai botnet, for example: The malware was used to compromise other users, not the owners of the cameras it originally infected. This represents a significant shift in the consumer’s mindset. In the past, individuals shopping for appliances such as refrigerators and washing machines evaluated products based on specific characteristics related to the functions they were designed to perform. Risk was calculated according to the value the asset would provide and its effectiveness — cyber resilience never entered the discussion.

Nowadays, many appliances are connected to the internet and require security measures to protect them from cyberthreats. Furthermore, users who conduct digital transactions reveal huge amounts of personal and financial data that cybercriminals covet. Vendors and consumers alike must consider data privacy implications when providing or purchasing a product or service. Many directives and regulations, such as the Europeon Union’s General Data Protection Regulation (GDPR), aim to govern how organizations handle customer data.

Everyone Has a Stake in Security

In this complex ecosystem of connected devices, consumers need to know that they, their vendors and their fellow users are secure. This puts even more pressure on providers, who must consider all the ways in which their products could be compromised while remaining competitive in a fast-moving market. Vendors might consider security measures such as requiring users to complete a two-factor authentication process to make transactions or access their products.

The bottom line is that all parties involved in a purchase — the vendor, the consumer and, if applicable, the financial institution facilitating the transaction — have a stake in the security of a given product. If either the provider or consumer fails to follow security best practices, the entire ecosystem is at risk.

Read the new IBM report: Smart things call for smart risk management

More from CISO

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Boardroom cyber expertise comes under scrutiny

3 min read - Why are companies concerned about cybersecurity? Some of the main drivers are data protection, compliance, risk management and ensuring business continuity. None of these are minor issues. Then why do board members frequently keep their distance when it comes to cyber concerns?A report released last year showed that just 5% of CISOs reported directly to the CEO. This was actually down from 8% in 2022 and 11% in 2021. But even if board members don’t want to get too close…

The CISO’s guide to accelerating quantum-safe readiness

3 min read - Quantum computing presents both opportunities and challenges for the modern enterprise. While quantum computers are expected to help solve some of the world’s most complex problems, they also pose a risk to traditional cryptographic systems, particularly public-key encryption. To ensure their organization’s data remains secure now and in the future, chief information security officers (CISOs) should educate themselves about quantum computing, proactively address the coming quantum risks to cybersecurity and work to establish cryptographic agility in their enterprise.A future cryptographically…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today