What is the state of preparedness in companies for cyber threats?

When a company implements new security policies that prove to be effective in protecting against cyber threats, they can very quickly become stuck at that point. However, month after month they get positive reports and remain safe. This is a trap of passivity that can very quickly dig a pit from which it is difficult to climb out. It only takes one successful attack to topple the house of cards. Worse yet, we realize that we could possibly convince an attack if we continued to invest in cyber security.

Awareness of potential cyber threats has increased significantly among businesses, mainly due to the increasing number of high-profile cyber incidents and their impact on business. Most organizations now recognize cyber security as a key part of their business strategy. However, the level of awareness is not evenly distributed, as smaller companies often lack the resources or knowledge to effectively address threats.

How is cyber security treated in Slovenian companies?

»Given that the company is primarily engaged in consulting in the field of cyber security, I can say that we do our best to have security mechanisms implemented in accordance with good practices. But it all starts with the 'Policy for the protection of information and the use of ICT resources', which every employee must be familiar with before even starting to work with us. Despite everything, we put a lot of effort into regular and continuous employee training, as data security is of vital importance to us. In the following years, we can continue to expect a sharp increase in attacks on users, which can result in the launch of a ransomware virus and the encryption of data in the organization. There are also more and more attacks via newly discovered vulnerabilities via VPN concentrators or network devices that are open to the Internet, so it is crucial to update such devices up to date in addition to accessing services with multi-factor authentication." says Boštjan Špehonja, director of GO-LIX.

There are different approaches to implementing security practices and protocols. Larger organizations typically invest in advanced security technologies such as next-generation firewalls, intrusion prevention systems (IPS), and security information and event management (SIEM) platforms. Despite this, studies show that many companies still neglect basic security measures, such as regularly updating and patching software, leaving vulnerabilities open.

"At T-2, we have established a security cyber center that operates 24/7 and is focused on the constant monitoring of security events, and at the same time, we are constantly improving our security protocols and technologies with the experience and knowledge gained. With the development itself, we arrive at the segmentation development of security protocols. Such as network segmentation and the regulation of company policies, or the use of appropriate protection on end devices and industrial security and the aggregation of all events/incidents in a common controllable system. The future of cybersecurity will require even greater automation, deploying artificial intelligence and machine learning to detect and respond to threats in real time. We expect cyber attack techniques to continue to evolve, including attacks on the Internet of Things (IoT), on industrial OT systems, and on AI itself. In addition, it is important to realize that the human factor is one of the major security risks, so it is imperative that we have effective education and control policies that protect us from insider threats. It is important that we remain proactive and flexible in our approach to security.” they trusted us in the T-2 company.

The capacity of companies to respond to security incidents and quickly recover from attacks is a key component of their preparedness. Organizations that have developed and tested comprehensive incident response plans are proving to be more resilient to the consequences of cyber attacks. However, research shows that many companies still lack formalized processes for responding to cyber incidents, which reduces their ability to respond quickly and effectively.

For an opinion, we also turned to the company SI SPLET, which operates with advanced ESET security solutions.

"Discipline is what which has enabled ESET to develop innovative research and product development for more than 30 years, support award-winning threat research and become a world leader in cyber security. This means that we must remain prepared for current and future cyber threats that are relevant to the internal security of our company and the external security of our customers.

This has enabled us to proactively collaborate with our technologists and systematically use data obtained from ESET's own leading threat research to develop our AI-based, prevention-first technology that identifies and neutralizes various threats before they even occur. perform.

Required prerequisites are: balanced management of security controls according to industry standards such as ISO27001 and compliance with software security standards such as FIPS 140-2 and LINCE. Within the company, this means balancing the necessary security controls applied at a technical level and establishing the necessary systematic training for all staff.” explains Petra Veber, operational director of SI SPLET.

We also talked about how security will change in the future and what threats we can expect in the coming years.

"Dramatically. Security changes every day; the pace of change and complexity of IT environments, the threat landscape and the compliance ecosystem are accelerating.

We certainly expect more AI-based attacks, not just the use of large-scale language models (LLMs) for phishing, but complex tactics, techniques and procedures (TTPs) by adversaries created or supported by AI at all stages of the destruction chain. It's also important to point out the old-fashioned business continuity risks that are emerging. These may arise from global changes in the political climate or even climate change. Each of these forces can affect stability and offer avenues for further escalation of digital security threats.”

The current state of corporate cybersecurity preparedness reveals a complex picture where advances in security technologies and practices run parallel to existing vulnerabilities and deficiencies. Despite increased awareness and investment in security, many companies still face challenges in establishing a comprehensive cyber defense. Emphasis on employee education, developing effective response strategies and ensuring compliance with regulatory requirements will be critical to improving overall cybersecurity in the future.

Cover image: Image by kjpargeter on Freepik