Businesses Must Prioritise Safeguards Against Common Threats

Uploaded on 2024-02-19 in TECHNOLOGY--Resilience, FREE TO VIEW

The rise of cyberattacks using old tricks and proven methods is expected to continue. Criminal organisations are relentlessly seeking access to your systems, aiming to exploit vulnerabilities in your environment and disrupt your supply chain.

Businesses, regardless of size, must prioritise safeguards against common threats like business email compromise and compromised user accounts.

Detecting unusual behaviour is crucial for preventing invoice fraud and session hijacking, which could lead to reputational and financial damage. Moreover, ransomware attacks are proliferating, facilitated by professional groups offering easy-to-use ransomware kits to a growing number of affiliates. Businesses need to embed resilience into all aspects of their operations to mitigate the impact of such attacks.

Deepfake technology, which creates convincing fake videos, is rapidly advancing. It poses various risks, including tricking business users into fraudulent transactions, as seen in a case where a Hong Kong multinational was duped into paying $25 million to fraudsters using deepfake videos of executives.

Furthermore, deepfakes can be employed to spread misinformation and sow fear, particularly during times of uncertainty such as election years. To counter these threats, enhanced monitoring and targeted protection measures are essential to ensure both systems and personnel are resilient and informed.

Failure to implement a comprehensive cyber resilience program leaves businesses vulnerable to increased cybercrime and significant financial losses.

Despite the growing threat landscape, many executives continue to overlook cybersecurity risks and underinvest in resilience measures. This stems from a lack of awareness about the severity of potential risks and complacency due to past incidents going unnoticed.

Legislation addressing cyber risk is expected to expand globally, although its effectiveness remains subjective. Collaborative efforts between industries and policymakers are crucial to develop practical and relevant laws that keep pace with technological advancements. However, the slow pace of legislation could render it outdated by the time it's enacted.

Artificial intelligence (AI) has become a prominent tool in cybersecurity, offering both opportunities and challenges. Poorly implemented AI solutions can compromise data security, leading to unauthorised access and breaches.

Attackers are leveraging generative AI to enhance their tactics, while defenders are increasingly relying on AI to detect threats quickly amid the growing volume of network traffic. However, effective use of AI requires continuous management and monitoring to remain effective.

Partnering with established cybersecurity technology firms can bolster a company's capacity and provide enhanced visibility into potential threats. By leveraging proven solutions and expertise, businesses can better protect themselves against evolving cyber threats and mitigate the risks.

John McLoughlin is CEO of J2 Software

Image: CherriesJD

You Might Also Read: 

The Power Of Unified Cloud Protection:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Cyber Warfare & The Future Of AI
23andMe Sparks A Rethink About Safeguarding Critical Data »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Encode

Encode

Encode delivers a cutting edge Security Analytics & Response Orchestration platform and best of breed Cyber Security Operations and Services.

MarQuest

MarQuest

MarQuest provides services and systems to enhance network reliability and security.

Nimbusec

Nimbusec

Nimbusec scans your website around the clock and informs immediately if it has been hacked or manipulated

International Association for Cryptologic Research (IACR)

International Association for Cryptologic Research (IACR)

(IACR is a non-profit scientific organization whose purpose is to further research in cryptology and related fields.

Cyber Risk Opportunities

Cyber Risk Opportunities

Cyber Risk Opportunities was formed to enable middle-market executives to become more proficient cyber risk managers so their organizations can thrive.

CARICERT

CARICERT

CARICERT is the National Cyber Emergency Response Team of Curacao in the Caribbean.

4Stop

4Stop

4Stop is a global KYC, compliance and anti-fraud risk management company.

Sponge

Sponge

Sponge is a world-renowned digital learning provider on a mission to make learning unforgettable.

Ukrainian Academy of Cyber Security (UACS)

Ukrainian Academy of Cyber Security (UACS)

UACS is a professional non-profit public organization established to promote the development of an extensive network and ecosystem of education and training in the field of cyber security.

Militus

Militus

Militus provides the only information security service available that learns and analyzes your network over time using a custom-built network-based toolset.

Ultra Electronics

Ultra Electronics

Ultra specialises in providing application-engineered bespoke solutions. We focus on mission critical and intelligent systems in the defence, security, critical detection & control markets.

Horizon3.ai

Horizon3.ai

Horizon3.ai is a leader in security assessment and validation enabling continuous security overwatch from an attacker’s perspective through our NodeZero SaaS solution.

Trace3

Trace3

Trace3 is a pioneer in business transformation solutions, empowering organizations to keep pace with the rapid changes in IT innovations and maximize organizational health.

Splashtop

Splashtop

Splashtop’s cloud-based, secure, and easily managed remote access solution is increasingly replacing legacy approaches such as virtual private networks.

DESCERT

DESCERT

DESCERT offers you an extended IT, cyber security, risk advisory & compliance audit team which provides strategic guidance, engineering and audit services.

Invisily

Invisily

Invisily makes enterprise and cloud computing resources invisible to attackers with zero trust solutions, making them visible only when needed to only those who need them.