In 2019, the big lesson these businesses must learn is that this sad truth won’t change. Instead, they must face the countless vulnerabilities with a sense of realism by accepting that whilst they may suffer an attack or fall victim to a breach, they can mitigate the damage through technology.
What business leaders must do first is accept that they may suffer a breach, the chances are that if you hold any valuable information then you will be at a higher risk of attack. It’s critical that businesses react in the right way, technology like ours is key in this process and other the last year we have seen businesses not know about attacks until it was too late.
We foresee an increasing trend where cyber criminals are targeting those more vulnerable, what we’d dub “easy targets”. Cyber-crime is the same as any crime – if you put decent locks on the doors of your house and install an alarm system, the burglars will just go next door instead. With large and tech-savvy enterprises being increasingly more aware of cyber crime, criminals will increasingly go after mid-sized companies who are far less prepared. Or, they will target companies who use technology to enable their business, but where the board and senior leadership aren’t technology experts – such as hotel chains or retailers.
The biggest trend in 2018 was companies discovering data breaches where the attack happened months or years before it was discovered. Recent examples include Marriott, who are believed to have been leaking data for four years. We believe these breaches will continue to be made public because IT professionals continue to focus on border security (firewalls, 2-factor authentication and other access controls) and fail to keep an eye on their critical infrastructure for signs of a breach.
So what other factor needs to be addressed you might ask. We would say education is a key piece in solving the cyber-security puzzle. A huge number of cyber security breaches result from simple security lapses by a single employee. Criminals target companies using clever social engineering and “spear phishing” as well as conventional malware and bespoke attacks. Ensuring that all company employees are aware of the potential risks is an almost impossible task. Perhaps it’s time to accept that it isn’t a case of “if” a data breach happens, but “when”, and instead of concentrating on making everyone a cyber security expert, focus on mitigating the impact of a security slip when it inevitably happens.
Our technology will help you solve this issue, contact us to find out more.
Almost every day we hear about new ways cyber criminals are exploiting the COVID-19 crisis. Phishing scams, social engineering tactics, fraudulent websites and ransomware are constantly evolving an...Find out more
Given how much valuable and commercially sensitive information they hold, law firms are prime targets for cyber criminals. DLA Piper was hit by the highly destructive NotPetya malware in 2017, this...Find out more
It is now 21 months since the GDPR came into force. For the period 25/05/18 to 27/01/20, authorities within the EEA were notified of 160,921 personal data breaches. DLA Piper’s research also reveal...Find out more
Please fill in the details below to get a 2 week demo of
CyberHive's cloud platform technology