A safe, digital world: how to deal with cyber threats?

We speak to Damian Wróblewski, CEO at Security Masters, about the significance of raising awareness regarding cyber threats and the pressing need to provide measures improving digital security in both private and business realms. Are we ready to face the challenges posed by a constantly evolving risk landscape in the online world?

Wiktor Doktór, Pro Progressio: ‘Cybersecurity’ is quite the buzzword now. Are we, both on individual and company level, genuinely aware of online threats?

Damian Wróblewski, Security Masters: Unfortunately, it seems that we are not. This lack of awareness manifests itself in certain behaviors and actions that compromise our privacy and security – yet we carry on doing them regardless.

It is quite often the case that individuals do not realize just how valuable their personal data is to cybercriminals. ID numbers, e-mail addresses, banking information can all be misused in the hands of rogue actors and facilitate identity theft, financial fraud or blackmail. Failure to follow basic security rules, such as using strong passwords, regularly updating software, or lack of two-factor authentication leaves the door for cybercriminals wide open.

There is a belief among small and medium-sized enterprises that cybersecurity does not concern them. This type of thinking is very risky because cybercriminals are targeting smaller organizations more often than ever before. Large corporations, despite more robust security systems, are also left vulnerable to attacks which include advanced threats that may go unnoticed for a significant period of time and cause serious damage. Underestimating risks may generate serious repercussions for employees – such as financial losses, which, in the case of employment contracts, may equal three monthly salaries; and in a B2B relationship may go even north of that. In extreme cases, members of the management board or people responsible for IT operations may face legal proceedings.

Misjudging cyber threats reveals that both individuals and businesses need to work on raising their awareness and prepare a whole lot better for the challenges posed by the digital world. In order to effectively protect personal data and property against the snowballing online threats, it is absolutely vital to invest in education and campaigns raising awareness on top of traditional security solutions.

Where are the business threats coming from and what should companies pay attention to?

The multitude of online threats for business are diverse and sophisticated. Many of them stem from attacks aimed directly at company employees, in particular those working in or with the finance departments – think chief accountants, finance directors, board members, CFOs, or CEOs. Among the most potent and popular attack vectors at the moment is phishing that relies on spoofing and social engineering techniques. The development of artificial intelligence has rendered these attacks much more sophisticated, and not as littered with mistakes and typos as was the case until November 2023.

One thing still rings true, though – people remain the weakest link of every organization. Lack of awareness, knowledge, and good practices in the area of cybersecurity may lead to very bad outcomes for businesses and people who run them. Failure to properly and safely use a work computer or everyday office tool may affect work ergonomics as well as open the door to cyberattacks. Road traffic is a case in point here – in order to pass the driving exam, one needs theoretical as well as practical knowledge. The same applies to computers and the Internet, where lack of appropriate training can generate serious threats – from data or other types of theft to genuinely tragic events.

A good starting point en route to counteracting these threats is self-education and development of proper habits in the area of cybersecurity. Once that’s done, we may move on and share such knowledge with others. Crucially, we need to stay vigilant regarding all types of messages we receive, whether it’s e-mails, texts or even phone calls which may use deep voice or deep fake to scam us. These often prey on emotions such as greed and fear and are powerful tools in the hands of cybercriminals.

Another thing worth keeping in mind when browsing is that online ads may be fake, which constitutes another source of threats. The blame does not always lie with the websites they appear at; it may be that the ad management software was developed in a way which does not prioritize verifying paid content thoroughly enough.

Software updates, using advanced security tools, and promoting a security-first approach among employees – those are just some of the areas requiring constant reinforcement whenever cybersecurity is discussed. Learning how to recognize fake news, suspicious links, and dodgy attachments may significantly reduce the risk of cyberattacks.

And what is the story told by numbers? Is there data available on attacks and losses suffered by companies as a result of insufficient cybersecurity savviness?

With the number of threats on a constant upward trajectory, data on financial losses and total volume of cyberattacks paint a rather grim picture of global cyberspace. Regardless of location, companies hemorrhage millions of dollars every minute due to cybercrime.

CERT Polska reported over 322,000 cases in Poland in 2022 alone, which meant that more than 39,000 incidents were handled, representing an increase of over 34% compared to 2021. This marks a significant rise in the level of threats persisting in the Polish cyberspace, while also emphasizing that cybercrime is increasingly a challenge faced by both businesses and individual users.

It is estimated that cyberattacks in Poland occur every few minutes. The exact numbers, however, are difficult to determine because not every incident is reported. And it keeps getting worse as criminals are always on the lookout for new methods and techniques, taking advantage of human ignorance.

Global reports, like the ones published by Cybersecurity Ventures and the Ponemon Institute, predict that global losses due to cybercrime could climb to $10.5 trillion annually by 2025, with the average cost of a single data breach in the region of $3.86 million. This shows just how crucial investing in cybersecurity education and advanced defense technologies really is.

How to recognize online fraud? What are the most common attacks?

Recognizing online fraud requires vigilance and an understanding of the various techniques and methods used by cybercriminals. Scams come in many different shapes and forms, from phishing to fake invoices to ransomware attacks. Below are just some examples:

  • Phishing: Scammers send e-mails or texts that appear to come from trusted sources (e.g. banks, government agencies) in an attempt to obtain personal or financial information.
  • Fake invoices: Criminals send fake invoices for products or services that were never ordered or delivered.
  • Ransomware attacks: Malware locks access to a company's systems or data and demands a ransom to unlock it.
  • CEO Fraud: Fraudsters impersonate a high-ranking company executive and ask for urgent financial transfers.
  • Spoofing: Creating fake websites that imitate real ones in order to obtain personal or financial information.

Let’s suppose things do go wrong – what now?

When something goes wrong – even despite all the precautionary measures – the correct course of action is to act swiftly and effectively to minimize the damage. Below are steps you should take in the event of a cybersecurity breach:

  1. Respond immediately: The first step is to immediately isolate potentially infected systems from the rest of your network to prevent the attack from spreading further.
  2. Analyze the situation: The source of the attack and the scope of the breach must be identified as quickly as possible. Understanding what data was compromised and how the breach occurred is crucial to moving forward.
  3. Notify stakeholders: Depending on the scale of the problem and the type of data breached, it may be necessary to notify relevant market regulators or authorities, business partners, and people whose data may have been compromised. Transparency and open communication are key to successful crisis management.
  4. Provide support to victims: If customer data has been compromised, the company should provide them with appropriate support, such as credit monitoring. That will help your customers protect themselves against possible consequences of identity theft.
  5. Restore services: Once you have secured your systems and identified the source of the attack, you may restore services. However, before fully restoring your systems, make sure all security vulnerabilities have been patched.
  6. Analyze and draw conclusions: Once the immediate crisis has been resolved, engage in a thorough incident analysis. This should include an assessment of how the breach occurred, what security measures failed, and what can be done to avoid similar incidents in the future.
  7. Train employees: A targeting/security incident is also a learning opportunity. Providing additional training to employees, helping them understand what happened and what they can do to contribute towards greater security – that’s a key part of strengthening cyber hygiene.
  8. Communicate after the incident: Developing a detailed post-incident communication plan that incorporates lessons learned will help rebuild trust with customers and partners.

Note that no system is 100% immune to attacks, which is why preparing for various scenarios and acting swiftly in the event of a security breach is of paramount importance. Online threats are constantly evolving which in turn means that cybersecurity must be an equally dynamic, ongoing process where bringing one’s knowledge and defense measures up to speed on a regular basis is a must.

Remote and hybrid work has become very common since 2020. What are your cybersecurity tips for distributed teams?

Remote and hybrid work has indeed become the “new normal” for many organizations around the world. This, in and of itself, brings new cybersecurity challenges. Here are some tips that will help distributed teams improve their digital security:

  • Use specialist services: Work with experts delivering cybersecurity services – preferably on a monthly subscription model, which includes training for your staff. Remember that cybersecurity is an ongoing process, not a one-off event.
  • Mock cyberattacks: Engage in regular, controlled attacks on your systems and employees to test them in a more practical setting. Testing your security in a controlled environment, staged and delivered by a trusted partner, is a much better option than facing the real threat of cybercriminals.
  • Train and raise awareness among your employees: Provide regular cybersecurity training to keep employees aware of potential threats such as phishing, malware, and ransomware attacks. Every team member should know how to recognize and respond to suspicious activity.
  • Use a VPN: Encourage employees to use a VPN (Virtual Private Network) as this will ensure they maintain a secure connection between their devices and the corporate network, particularly when using public Wi-Fi networks.
  • Manage your passwords: Implement a strong password policy and promote the use of password managers. Consider implementing multi-factor authentication (MFA) as an additional layer of protection.
  • Update your software: Ensure that all company devices and software are regularly updated to include the latest security patches.
  • Secure your devices: Implement security policies for devices facilitating remote work – including hard-drive encryption, antivirus software, and firewalls.
  • Store your data securely: Use secure, encrypted methods for storing and sharing data. Avoid storing sensitive company information on personal devices.
  • Adhere to BYOD (Bring Your Own Device) policies: If employees use their own devices, set clear security and data protection requirements.
  • Devise an incident response plan: Develop and implement a cybersecurity incident response plan to quickly identify and eliminate threats.
  • Perform regular security audits & risk assessments: Conduct security audits & risk assessments on a regular basis to assess the effectiveness of security measures and identify potential vulnerabilities.
  • Promote a security-first culture: Build a cybersecurity culture within your organization by encouraging open communication about threats and best practices.

Adapting security strategies to new work models, educating employees, and implementing appropriate security tools are key components on your journey to company safety. Research conducted by companies active in executive search and recruitment of top managerial talent points out that distinguished managers – few and far between at the best of times – do not want to be tied to a single company, thus they often provide their expert services to a host of clients at the same time. That piece of information is worth taking into account when working out your cybersecurity budget.

Thank you for the interview.

Translation: Michał Kramar, MK Advisory.

Photo: OHPHOTO Ewelina Szindler

This article comes from magazine:
FOCUS ON Business #15 March-April (2/2024)
