Intelligence assured

The data intrusions are constantly increasing. Digitization means that the possible attack routes into companies increase and when machines are connected to the internet, it becomes easier to attack, for example, the production in a company.

The methods used by the attackers are becoming more and more refined. Net fishing, crypto hijackings and CEO scams are some methods that increase according to a report from Trend Micro. Most of us like to respond quickly to notes from managers, decision makers and authorities, and this is exploited by cyber-criminals.

In addition, the attacks today are usually targeted and well-planned, unlike the more general methods that have existed before. The threat landscape has thus changed in terms of strategy and tactics.

Mobile use – a new big risk

We are becoming increasingly mobile in our use of technology and this means that these units also are exposed to attacks. Attracting sensitive information via SMS, phone calls or social media is now becoming increasingly common.

This means that humans and our mobile habits can be a risk for the companies we work in and our employers. Organisations must ensure that mobile units have protection in several layers and that the employees have received training in which security procedures that applies even outside the company's walls.

A hacking can cost large sums

In the summer of 2017, the Danish shipping and oil company Maersk was hit by an extremely large cyber-attack, which almost made the company disappear from the market. The attack cost the company about SEK 2 billion in lost revenue. In addition, the entire IT structure had to be reinstalled.

A report from Cisco, Cisco Benchmark Study report, shows that 33% of all the 3,200 IT security officers involved in the study work in a company that suffered at least one incident that cost their business more than $ 1 million in 2018.

A data breach can simply become very costly to a company that is affected. One reason is that most companies are not equipped to handle a cyber-attack. They do not work proactively with cybersecurity work.

Is there competence available to handle these data intrusions?

In order to manage the digitization also from a security perspective, competence is required. But the security experts are not enough, and the general competence and awareness of security is today low.

The magazine CIO.com makes a survey every year among US CIOs, and in the latest, 2019 State of the CIO, 40% state that cybersecurity is at the top of the IT investment list. At the same time, 33% say that security / risk management is an area where it is extremely difficult to find the right skills. The skills shortage has become a security problem in itself.

Advenica has extensive experience in cybersecurity. We provide expertise and unique, technologically advanced, sustainable and future-proof, high-security cybersecurity solutions for critical data-in-motion up to Top Secret classification.

Get in touch with us if you are considering raising your skills in your cybersecurity business!

Digitalisation has given us a tool for instant global communication, the Internet. This development is basically positive in many ways, but unfortunately it also means that the possibilities of violating the networks of others are increasing. This since almost all devices connected to the Internet potentially can be hacked. Advanced cyber-attacks from various directions, even from state attackers in other countries, are therefore today unfortunately part of our everyday life.

What is the purpose of these attacks?

Cyber-attacks organised by states usually aim to overcome information that is important for the security of the country. The strategies behind a nations foreign policy, vulnerabilities in the society and the level of total defense are examples of information that attackers might be interested in.

Research results, development projects and patent applications are other important sources of information that can be a target from an attacker’s side. The purpose of this industrial espionage is, among other things, to boost their own industry and to generate competitive advantages.

How does the attackers act?

One of the most important approaches for an attacker, trying to get hold of socially important information, is to send malicious code to employees and their relatives. Since these emails often are very sophisticated, the recipient usually isn’t suspicious.

Other ways are to use online services for ordinary citizens or to place out malicious code to outsourcing companies or third-party vendors.

What can we do?

In order to detect these attacks and build effective protection against them, we need to increase our knowledge of cybersecurity. We need to establish our total defense by rebuilding a civil defense that is prepared for various types of attacks.

All companies, authorities and organisations also need to increase their awareness of the risk of IT attacks and realise the importance of working with information security issues in a continuous and structured manner. Annual risk and safety analysis are a good start, as well as looking at how to work with network segmentation to ensure confidentiality.

If you need advice and guidance on how to think about cybersecurity, you are welcome to contact us at Advenica.