Cybersecurity is an essential part of every single business online.
It was, quite frankly, an assumption. I would use the same password for my own convenience and exit my browser after finishing my day, thinking I was secure. Yet, dark actors access sign-in pages and steal credentials as long as a computer is running. That was the assumptions I made before I knew anything about cybersecurity.
Assumptions have triggered an unprecedented rise in cyber-attacks. In 2023, password-based attacks increased more than tenfold. This, according to the Microsoft Digital Defense Report 2023, equates to “around 3 billion per month to over 30 billion with an average of 4,000 password attacks per second targeting Microsoft cloud identities this year.”
One big assumption about cybersecurity is you’re covered if you have an IT team, cybersecurity framework and new employee training. It’s comfortable to think that.
Being cyberfit, though, is a lifestyle choice. Like eating healthy food and exercising, it’s hard work, but the risks are even higher. Sixty percent of small companies go out of business six months of being hacked according to Cybercrime magazine. Cyber criminals aren’t just pickpockets. They want to steal your intellectual property and reputation.
The good news: you can overcome common assumptions by periodically exploring (I recommend quarterly) three cyber assessments, especially for financial service firms:
How does the organization's current cyber risk profile align with the acceptable boundaries of risk established by the board or leadership?
Are the risk profiles developed by management in line with your company’s risk tolerance?
What is our actual exposure to cyber risks?
What needs to be true and what steps to be taken to reduce our exposure?
Are there any identified gaps in funding or resources that need to be addressed to achieve an acceptable level of risk?
What specific quantifiable business impact do we know of cyber risks and data exposures have?
What is the measurable business impact of known cyber risks and data exposures?
What technologies do we have in place to automate the monitoring process?
Exploring these basic (Access Control, Business Function Segregation, Encryption, backups, incident response, and business continuity) will replace assumptions with knowledge, the currency of successful companies in the modern era. Speaking of knowledge, learn more about cybersecurity through this on-demand webinar called Unlocking the Future of Cybersecurity and AI. This insightful discussion features industry experts who are at the forefront of cybersecurity innovation. Together, let’s make plans, not assumptions, to protect our digital assets and safeguard our organizations in an increasingly interconnected world.
Helen Yu is a Global Top 20 thought leader in 10 categories, including digital transformation, artificial intelligence, cloud computing, cybersecurity, internet of things and marketing. She is a Board Director, Fortune 500 Advisor, WSJ Best Selling & Award Winning Author, Keynote Speaker, Top 50 Women in Tech and IBM Top 10 Global Thought Leader in Digital Transformation. She is also the Founder & CEO of Tigon Advisory, a CXO-as-a-Service growth accelerator, which multiplies growth opportunities from startups to large enterprises. Helen collaborated with prestigious organizations including Intel, VMware, Salesforce, Cisco, Qualcomm, AT&T, IBM, Microsoft and Vodafone. She is also the author of Ascend Your Start-Up.