How to Combat Common Information & Collaboration Security Threats

Uploaded on 2022-11-23 in TECHNOLOGY--Resilience, FREE TO VIEW

According to the World Economic Forum, cyber attacks are perceived as the number two global risk of concern to business leaders in advanced economies. This is second only to fiscal crises. Forbes reports that 17.2 billion records have been lost in the fifty largest data breaches between 2004 and 2021 - including a huge data breach for LinkedIn in 2021. 

The news is full of reports of these InfoSec attacks - whether phishing; stolen credentials; access because of unpatched or misconfigured software or social engineering attacks in which individuals are targeted within an organisation.

The British National Cyber Security Centre, however, singled out Ransomware as “the most significant cyber threat facing the UK” in 2021. CEO Lindy Cameron wrote: “...it was assessed as potentially harmful as state-sponsored espionage.” Indeed, ransomware was one of the topics tackled at the G7 Summit in 2021. 

This year, the annual review will no doubt add another few threats; and more countries and groups will appear on the list of prevalent threat actors, not least because the world continues to become more and more ideologically polarised.

State-level actors - from Russia, China, Iran and North Korea amongst other countries - have become stronger and are being protected

IBM’s Cost of a Data Breach report stated that the average cost of a data breach globally reached an all-time high of $4.35 million in 2022. While this figure is staggering by itself, what is also notable is that this is a 2.6 percent increase from 2021. Financial gain is definitely a motivation but there are also the hackers who cause disruption just for fun with no monetary motivation. 

Every single business is a target and InfoSec attacks are only going to become more subtle and more frequent. The very building blocks of encryption could be smashed down by quantum computing, warned The Economist and that was in 2018. 

This article reads like a declaration of doom, but it is actually a call to arms. Companies can protect themselves, but they need to invest heavily in talent, knowledge and expertise in cybersecurity. There is a scramble for cybersecurity experts as demand surges with students getting snapped up even before they have completed their degrees. In a climate in which businesses are terrified about the economic future, investing in cyber security is essential to protect themselves from losing vast amounts of money, if not everything, in just seconds. 

A clear place to start is to accept cybersecurity is not just as protection but as a business enabler.

A shift in mentality is required. A Cisco report stated that thirty-one percent of the survey’s 1014 respondents, who were senior finance and line-of-business executives, believed that the primary purpose of cybersecurity is growth enablement. However, sixty-nine percent still saw its main purpose as risk reduction. This view of cybersecurity - that and time-consuming and ineffectual tools - stymies creativity. In the same report, it states: “...A stunning 71 percent of executives said that concerns over cybersecurity are impeding innovation in their organisations. Thirty-nine percent stated that they had halted mission-critical initiatives due to cybersecurity issues.” 

On top of this, the time lost to rectifying the issues caused by an attack is also a business inhibitor. For some organisations providing critical and emergency responses, like the NHS, which was attacked in August, it can even be life-threatening. 

Then there is the impact of an attack on customer confidence. A major breach can damage brand reputation and customer retention as well as operations and finances. By deploying a steadfast cybersecurity plan and showing it is incorporated within your business’ governance, you are showing clients that you take cybersecurity seriously. Understanding this, and all of the other potential economic drivers and business impacts, will help you formulate a plan. This must include educating employees on cybersecurity to reduce human error and employing best practices instead of inventing your own methods and processes.

Ultimately though deploying simple, frictionless, and easy to use cybersecurity tools is going to be the quickest and most effective driver of change. This will motivate behavioural change, build confidence - both in your staff and clients - and boost instead of impede productivity. The InfoSec attacks may be becoming more targeted and frequent; but a simple, robust solution will prevail. 

Onur Özen is Chief Executive Officer of RealTyme

You Might Also Read: 

Building a Threat-Ready Ransomware Response Plan:

 

« Cyber Security Predictions For 2023
Simplicity In Complexity: The Key to Successful Threat Exposure Management »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CW Jobs

CW Jobs

CWJobs.co.uk is a leading specialist IT recruitment website covering all areas of IT including Cyber Security.

IEEE Computer Society

IEEE Computer Society

The IEEE Computer Society is the world's leading membership organization dedicated to computer science and technology.

Serena

Serena

Serena Software helps increase speed of the software development lifecycle while enhancing security, compliance, and performance.

Potomac Institute for Policy Studies

Potomac Institute for Policy Studies

Potomac Institute undertakes research on key science, technology, and national security issues facing society, Study areas include cybersecurity.

REVI-IT

REVI-IT

REVI-IT is a Danish state-owned audit firm focusing on enterprise IT business processes and compliance,

NuData Security

NuData Security

NuData Security, A Mastercard Company, is an award winning behavioral biometrics company.

Database Cyber Security Guard

Database Cyber Security Guard

Database Cyber Security Guard (aka Don't Be Breached) informs Security Professionals and DBAs of Zero Day, Ransomware and Data Breach attacks within milli-seconds

Joint Accreditation System of Australia and New Zealand (JASANZ)

Joint Accreditation System of Australia and New Zealand (JASANZ)

JASANZ is the joint national accreditation body for Australia and New Zealand. The directory of members provides details of organisations offering certification services for ISO 27001.

Panorays

Panorays

Panorays automates third-party security lifecycle management. It is a SaaS-based platform, with no installation needed.

DNX Ventures

DNX Ventures

Based in Silicon Valley and Tokyo, DNX Ventures is an early stage VC for B2B startups in sectors including Cybersecurity.

nsKnox

nsKnox

nsKnox is a fintech-security company, enabling corporations and banks to prevent fraud and ensure compliance in B2B Payments.

SolCyber

SolCyber

SolCyber, a Forgepoint company, is the first modern MSSP to deliver a curated stack of enterprise strength security tools and services that are accessible and affordable for any organization.

1Touch.io

1Touch.io

1touch.io Inventa is an AI-based, sustainable data discovery and classification platform that provides automated, near real-time discovery, mapping, and cataloging of all sensitive data.

SNC-Lavalin

SNC-Lavalin

SNC-Lavalin is a fully integrated professional services and project management company with offices around the world.

Triangle

Triangle

Triangle enable innovative business transformation by ensuring critical hybrid infrastructures are optimised, interoperable and secure.

Deepware

Deepware

Deepware is an emerging AI research company dedicated to exploring the potential of GenAI in both generation and detection.