1 minute read
Cybersecurity to the next level – ensure business continuity
from ETNdigi 1/2023
by ETN
Technological advances and the global geopolitical situation have taken cybersecurity to a whole new level. It affects us all, whether we are individuals, society, businesses, communities or public organisations, let alone governmental preparedness.
According to Check Point Research, the number of cyber attacks in Finland increased exponentially in 2022, up 81 % compared to 2021. The average number of attacks per organisation was 1 228 per week. Attacks on cloud-based networks increased by 48 % globally last year.
According to the "Information Security in Finnish Organisations 2023-2025" survey conducted by Check Point Software and Loihde Trust, one in four Finnish companies have identified a business-impacting security incident in their organisation in the last two years. The most common of these were data leaks and security challenges related to personal records. In the future, three out of four large Finnish companies believe they will face a cyber attack.
Digitalization and the spread of cloud computing will continue to grow, creating a new, everchanging attack surface. The rapidly growing interest of hackers in AI technologies will further increase the number of attacks. For example, the AI bot ChatGPT has already been used to write malware code and phishing emails. ChatGPT account credentials and stolen ChatGPT Premium accounts are traded on the dark web. Sensitive organisational data can be compromised when cybercriminals gain access to queries from the owner of a hijacked account.
According to IBM Security's Cost of a Data Breach report, the cost of a data breach to an organisation in 2022 was at an all-time high, averaging $4.35 million. The indirect cost of an extortion attack averaged $4.54 million, not including the ransom itself.
Despite all this, companies are not always ready to make significant investments in security. Security may not be seen as a business enabler and profitability enhancer, or the risks may be seen as theoretical if the company has not yet suffered a security breach. There is also often a lack of clarity about who is responsible for security, for example in the case of SaaS services or cloud solutions. Critical infrastructure protection in Finland is only beginning to wake up.
As economic growth slows, it is important to ensure that business continuity is safeguarded. Information security cannot just be a necessary expense but must be an integral part of an organisation's business continuity planning. Achieving cyber resilience requires a holistic, proactive approach to security: comprehensive, consolidated and collaborative solutions. This is currently not common practice, and the problem is often that companies' solutions do not communicate with each other in the event of a data breach. This makes companies vulnerable.
