6 in 10 Irish businesses are ignoring cybersecurity threats. Are you?
The world has turned to digital tools, technologies, and platforms to get everything done. With this move comes new threats – but despite the clear danger that cyberattacks, data breaches, and data losses present, few SMEs are taking the threat seriously, or implementing proper precautions.
Today, digital is the new physical. Since the earliest days of the global pandemic, thousands of businesses across the world have turned to digital platforms, electronic systems, and remote offices. And it’s not just business: shopping, entertainment, relationships, and almost every other aspect of human life has turned to digital for its convenience and necessity.However, everyone needs a stark reminder of the new threats that come with this new world. With this opportunity and power comes risk: malicious actors are out there, hungry to access your systems, steal your most sensitive data (or worse).
Malware & Cyberthreats in 2021
In 2021, threats from cyberattacks and malware need to be taken more seriously than ever before. As the Malwarebytes 2021 State of Malware Report put it:
“As entire businesses switched to remote working, IT teams found themselves trying to fit months-long projects into days, with security an unfortunate but understandable casualty. Faced with a new landscape, cybercriminals ditched some old tactics and placed a new emphasis on gathering intelligence. And as people adapted to their “new normal,” scammers exploited their isolation with a resurgence in tech support scams.” -- Malwarebytes 2021 State of Malware Report
Threats – new and old – are on the rise. According to Malwarebytes, the global shutdown was accompanied by a staggering rise in the use of stalkerware, (named for mobile monitoring and spyware apps that are sometimes deployed by abusive partners). Detections for HackTools and Spyware on Windows increased dramatically, by 147% and 24% respectively. At the same time there were dramatic increases for other malware threats: a 2,251% increase in KMS, Infostealer threats up by 2,057%, a 973% increase in Dridex, a 566% spike in Farfli, and a 218% rise in Tech-SupportScam.
“From January 1 to June 30 [2020], Monitor detections rose 780 percent, and Spyware detections rose 1,677 percent. That six-month comparison represents our highest increase when looking across the entire year. When comparing the month of January to the month of December, monitor app detections increased by 565 percent, and spyware app detections increased by 1,055 percent” – Malwarebytes 2021 State of Malware Report
With these threats, it’s no wonder the cost of data breaches and data losses in 2021 are so staggering.
The cost of Data breaches and losses in 2021
In 2021, there was a 50% increase in cyber-attacks on corporate networks, with Ireland having one of the highest rages of data breaches in the EU. A comprehensive IBM report found that the average cost of data breaches in 2021 was €3.72 million; what’s more the average cost of lost business due to system failures and breaches was €1.39 million.
Even the largest corporations in the world are not immune to the dangers of data breaches. Recently, the DPC launched an inquiry into 12 data breach notifications it received between June and December 2018 about Meta Platforms Ireland Limited (as Facebook is now known). The inquiry found that the company failed to have appropriate technical and organisational measures to protect the data of EU users, resulting in a €17 million fine against Facebook.
The threats and dangers of data breaches are clear, and security professionals recognise them. One report by malware experts Helpsystems found that, “88% of respondents see malware and ransomware either as an extreme threat (60%, up five points since last year) or moderate threat (28%)… [and] a significant majority (75%) of IT security professionals predict malware and ransomware to become a larger threat in the future.”
And it's not just cybersecurity pros that are concerned – customers are too.
Despite this, many businesses remain complacent in the face of the business-destroying threat of data breaches and cyber attacks.
60% of Irish Businesses aren’t taking cyberthreats seriously
A damning report, the 2021 .IE Tipping Point report from .IE, the managers of Ireland’s more than 340,000 .ie domains, reveals that six in 10 Irish SMEs take no particular steps to protect customer data online or do not know how to.
What’s more, the study found that just 15% of SMEs said they use a firewall or antivirus software, 11% use two-factor authentication and just 4% said they trained staff in cybersecurity best practice. Worse, they’re not looking at meeting these threats head-on: only half (54%) of SMEs are planning a significant digital investment in the next 5 years, with most of this effort focusing simply on launching a new website, improving their existing one, or building a dedicated app. This is despite 75% of consumers saying they were "very" or "somewhat concerned" about the security of their data when shopping online.
"While it might be tempting for a small business to postpone investing in anything that doesn’t lead to a measurable return in the here and now, a cyberattack can be immediately devastating and lead to permanent erosion of customer trust," David Curtin, Chief Executive of .IE said.
Relying on old technology and systems to fix or prevent new problems is clearly worse than bad. In 2021, the average cost of legacy systems maintenance for large organisations was estimated to be around €252 million. On average, even simple maintenance of these legacy systems can take up to 75% of your entire IT budget, and cost 4 times as much to maintain as they were to purchase. Worse, the severe fallout of these systems failing can irreparably damage a business’s operations and reputation: in one notorious example in 2012, over 16 million customers at three of Scotland’s largest banks out of their accounts for four days.
Relying on old tools to fight these new threats is like expecting an HD movie to stream on a 90’s dial-up modem connection.
So, how you can stop million of euros in data breach damages?
Despite the growing threat of cyberattacks, malware, and data breaches, there are many steps you and your organisation can take to securing your master and transactional data, says OpenSky Information Intelligence Technology Manager Philip Schenck.
"The world is more online than ever before, which means that threats are more serious than ever," says Schenck, who has more than 20 years' experience in software development, system architecture, and data & information intelligence practices. "Luckily, there are a great many ways to secure and protect your data and meet full compliance with data protection and privacy laws and governance."
Secure Your Websites and Software
Your websites, online systems, and software are primary vectors of attack to outsiders. Unsecured websites, web traffic, and software poses a great risk to all in terms of data interception and phishing, and so you need a data protection strategy that covers all parts of these technologies.
Reinforce Your Online Environment With Layered Security Tools
It is crucial that these tools effectively safeguard data while prioritizing privacy. Examples of these are the use of VPNs, Privacy Browsers, Antivirus and Antispyware applications, Firewalls, and proper state-of-the-art encryption software. These tools are especially important for online traffic and cloud solutions.
Password Security That's Ahead of The Curve
Most data breaches occur as result of compromised passwords. Ensuring proper, complex, and strong passwords are enforced is crucial. Longer passwords are more difficult to crack than short passwords. Two-factor authentication should also be standard and not optional anymore.
Ensure All Systems and Software Are Up-to-date Around The Clock
When serious security threats and vulnerabilities are discovered, time becomes a critically important resource. Ensure that your IT systems automatically and timeously allow the latest security patches and software updates as soon as possible, and that your hardware and computer systems are properly patched.
Securing your data systems is our forte
"Data protection should not be taken lightly," says Schenck. "When you look at the serious damage – financial and legal – that you can suffer from a breach, it becomes shocking that 10/10 businesses aren't making data protection their biggest priority. Every organisation has a responsibility to ensure that private and sensitive data are properly secured and only used in specific stated ways, and that processing, storing, and securing of this data is lawful, and that we do not store this data for longer than necessary and required."
OpenSky's best-in-class data management practices will put your entire team's worries to rest: we'll safely migrate your existing system to modern environments, secure your databases, and guarantee your services with multiple remote backups, off-site storage, and disaster recovery options, all with the latest in ISO-backed data protection standards. With more than 17 years of high-level development and delivery of data protection and IT solutions in some of Ireland's largest government and public sector organisations, we are your ideal provider of safe, secure, high-performance data systems.
Find out the incredible ROI you can achieve within your first month with a free, no-obligation call with our expert data security, migration, and secure hosting consultants.