Cyberattacks are increasing and becoming more sophisticated. Organizations face challenges from advanced cyberattacks, data breaches, and ransomware. At the latest Implema Meets in Stockholm, independent cybersecurity expert Emanuel Lipschütz talked about the current threat landscape and what’s required to protect yourself. We caught up with him afterward for a chat.

Hello there, Emanuel Lipschütz, independent cybersecurity expert, you recently spoke at Implema Meets in Stockholm about cyber threats and cybersecurity – what are the biggest cyber threats that companies face today and what will be the next big threat, as you see it?
The short answer is that the threats are many. Vulnerabilities in publicly exposed services: everything that’s published on the Internet needs constant security updates. Otherwise, the risk increases that it becomes the entry point into your environment for an attacker.
An obvious threat is phishing and social manipulation. One of the most common ways an attacker gains entry is by sending phishing emails or otherwise tricking someone in your organization to do something that gives them access.
Another major risk is not protecting your data and backups. That’s one of the first things cybercriminals target. So proper protection for both data and having a cyber recovery solution in place is critical!
Then we have denial-of-service attacks. Since I saw a denial-of-service attack for the first time in 1999, the number has increased markedly. In 2011, I saw for the first time how it was used for extortion purposes and nowadays many times to create instability and mistrust.
Another threat follows from AI and not classifying your data correctly. I recommend using AI. But it’s important to do it the right way so that AI doesn’t make sensitive data available to the public and threat actors.
But the biggest challenge of all is not taking the threats seriously and not gaining a basic understanding of the threat landscape and the risks that the threats entail.
What would you say are the most common mistakes companies make when it comes to protecting their systems and data?
It’s not having knowledge of your threat landscape and threat actors’ attack methods. Additionally, not having identified your most business-critical systems and data to know which systems you should protect the most. Therefore, you don’t prioritize resources and your budget where it’s really needed.
You mentioned that the probability of experiencing a breach is 30%. What measures can small and medium-sized companies take to protect themselves against cyberattacks, with limited resources?
Yes, I mentioned that three different reports described that in the surveys that formed the basis for the reports, 32-40% of all organizations had experienced a breach in the past 12 months.
When it comes to protecting yourself, step 1 is to be clear about what you’re protecting, i.e., what assets you have: to define what the crown jewels are and then understand the threat landscape. After that, you should look at what protection mechanisms you have in place and what you’re missing, in order to make a prioritization.
A quick and effective way to increase the organization’s protection capability is to invest in a good solution for endpoint protection and security monitoring. Another activity that makes a difference when an incident actually occurs and reduces the consequence is to develop good processes for incident response and practice handling different scenarios, such as your business data being encrypted.
A new cybersecurity law is coming – what does it entail and who is covered?
The new law is based on the NIS2 directive, which is the EU’s response to the increased cyber threat, also known as the directive on network and information security. Its purpose is to improve cybersecurity and build resilience throughout the European Union.
The new law (what we know about how it might look) places requirements on companies that they need to comply with. The foundation is systematic and risk-based information security work. To put it simply, all companies that have socially important operations and meet the criteria of at least 50 employees or 100 million in revenue are affected.
The latest assessment is that it affects somewhere between 3,000 and 5,000 companies in Sweden, but the impact will be much greater than that, since everyone who is a supplier to companies affected by NIS2 will be indirectly affected. Securing the supply chain is an important part of NIS2 and the new cybersecurity law.
Finally, what do you think about the future of cybersecurity – what trends or technologies will dominate? What role do artificial intelligence and machine learning play?
AI has already had and will have an enormous impact on cybersecurity going forward. Not using AI in your cyber defense becomes like “bringing a knife to a gunfight”!
Quantum computers are another technology that will affect encryption, which is the foundation of much of the confidentiality in various services we use today. Here it’s important not to panic, but to start preparing for a world where quantum technology is widely available.