This blog post, written by the IPR Street Team, is provided by the IPR Digital Media Research Center. 

This report summary appears courtesy of McKinsey & Company and the authors James Kaplan, Wolf Richter, and David Ware. The full study, “Cybersecurity: Linchpin of the Digital Enterprise,” can be found here.

The constant improvement and innovation of technology helped the world become a fast-paced enterprise; however, this digital lifestyle has led to a variety of issues since becoming integrated with business. What once began as a risk to vulnerable industries, such as finance and healthcare, is now an omnipresent threat to any organization. Cybersecurity is a serious threat to every industry because most modern work is done on a digital platform. Cybersecurity is a major concern due to the confidential information jobs require, the amount of communication that takes place through digital mediums, and much more.

According to IBM, the average cost of a data breach is $3.92 million, with each lost or stolen record containing sensitive information costing $148 on average (IBM). The main trends identified in some of the biggest cyberattacks in recent years included phishing, spyware and unsecured third-party servers.

A breach in cybersecurity can result in multiple consequences for companies, including damaged reputation, eroded customer loyalty, lost intellectual property and potential bankruptcy. Additionally, cyberattacks can result in penalties from regulatory agencies, increase the company’s potential for future attacks, and weaken state and federal security (IBM).

Thankfully, communications experts have taken this issue seriously and have implemented preventative measures to reduce the potential for a cyberattack. In addition to these preventative measures, many have established crisis plans in case efforts to safeguard data are insufficient. In addition, chief information officers (CIOs) and chief information-security officers (CISOs) are fairly recent additions to the c-suite.

Challenges still exist in the current cybersecurity model, for example, IT organizations have found that existing security models do not run at “cloud speed” and do not provide enough specialized reports to developers.

The report lists three functions to transform cybersecurity measures in companies: using quantitative risk analytics for decision making, building cybersecurity into the business value chain, and enabling the new technology operating platforms that combine many approaches.

First, CISOs and their advising teams have made cybersecurity decisions, but now there are too many assets and processes to protect and not enough options to protect them. To combat this, companies are using stronger quantitative risk analytics to make better, more informed decisions. Some of these aspects include advanced employee and contractor segmentation as well as behavioral analysis in addition to risk-based authentication that considers metadata, such as location and recent activity.

Next, it is recommended that companies rethink and rework cybersecurity into their customer relationships, production processes, and supplier interactions. Some tactics include building secure and convenient online customer experiences, educating customers about how to interact in a safe and secure way, and treating cybersecurity as a core feature of product design.

Finally, putting a modern technology model in place requires adding a more agile cybersecurity operating model. A cloud-based operating platform is preferred, and could be enhanced using DevOps, a set of collaboration practices between software development and IT operations.

Defenses for data privacy are adapting to cyberattacks due to advancements in IT and the implementation of cyber-centered crisis plans, however, they still occur at alarming rates. Organizations must be prepared to deal with the consequences of operating in a digital world. Although steps can be taken to prevent cyberattacks, its rising frequency proves that experiencing a data breach is not an “if”, but a “when.”

Carly Rogers is a fourth-year public relations major and communications studies minor at the University of Florida. She is a communications assistant at IPR, and is an active member of UF PRSSA, serving as Assistant Managing Director for Alpha PRoductions and as a member of the UF CJC Bateman Case Study Competition team. Follow her on Twitter at @Carly_A_Rogers.


IBM. Cost of a Data Breach Study,
IBM. Cyber Attacks Explained,
Kaplan, James, et al. Cybersecurity: Linchpin of the Digital Enterprise. McKinsey & Company, July 2019,

Heidy Modarelli handles Growth & Marketing for IPR. She has previously written for Entrepreneur, TechCrunch, The Next Web, and VentureBeat.
Follow on Twitter

Leave a Reply