Globally, 2023 was a challenging year for organisations looking to stay one step ahead of cyber criminals. And Europe was no different. The Royal Mail (UK), software provider Nebu (The Netherlands), eyewear company Luxottica (Italy), and government software provider Xplain (Switzerland) were among a string of organisations to fall victim to cyber attacks.
In a stark warning, Tanium’s Cybersecurity in Europe report spells out the current threat level in no uncertain terms.
“[Across Europe] we are seeing breaches in all industries, from airlines to retail, from banking to manufacturing. And the pace of attacks is increasing.”
The evolving cyber landscape in Europe
Industry experts are divided about what lies behind the spike in attacks. Ongoing geopolitical tensions — including Russia’s invasion of Ukraine — and the mobilisation of international state-sponsored groups are one area of concern.
But so too is the ongoing work of many established companies and institutions to strengthen their own security while managing the transition away from legacy systems. While this is essential work, the transition can expose security risks and weak points such as unpatched and unidentified devices on networks.
Whatever the reasons, the ramifications of increased threats and inadequately protected IT infrastructure remain the same. Spending on cybersecurity is increasing — because breaches are costing more — and that means organisations have to dig deeper to take the necessary preventive measures to counter them.
According to IBM’s Cost of a Data Breach Report for 2023, the average cost of a data breach in Europe is $4.67m in Germany, $4.21m in the UK, $4.08m in France, and $3.86m in Italy. Only Canada, the Middle East, and the United States are higher than Germany’s cost.
The biggest challenges facing CISOs
For chief information security officers (CISOs), ensuring that they have sufficient defences in place to repel phishing attacks, supply chain hacks, or socially engineered targeting is all part of the job. But as the IBM figures highlight, the costs involved should a breach occur are sobering nonetheless.
But that’s only part of the problem. CISOs also have to be certain they are resilient enough to recover should the worst happen. In other words, the role is not merely to take defensive action against any possible attack. Instead, the challenge is also to ensure their organisation is resilient enough to recover — and recover quickly — in the event of a breach.
There are other challenges too, not least with regards to having access to sufficient resources to maintain security levels. According to Tanium’s report: “Too often security practitioners feel their work is ignored or undermined until it is too late…[with] almost two-thirds of respondents (65 percent) agreeing that IT and security teams believe an event has to occur before they can receive higher cybersecurity investments.”
As one insider quoted in Tanium’s report said: “The leadership in my organisation are only concerned by cybersecurity following a cybersecurity incident.”
In fact, eight in 10 (79%) of professionals surveyed in the same study said that more cybersecurity budget is only likely to be assigned following a data breach — not ahead of one.
This is a clear case of ‘shutting the gate after the horse has bolted’ and poses a real concern for CISOs who need to convince senior leaders of the importance of preventative cybersecurity in protecting the business.
To put it bluntly: Without the right toolset in place, organisations will lack the visibility, control, and planning to be able to both prevent an attack and react properly to it.
But help may be at hand. The technological advances that have been used so effectively by cyber criminals are also built into powerful suites of tools to protect organisations.
The future of cybersecurity for business
In particular, the use of artificial intelligence (AI) and automation are delivering some groundbreaking solutions to counter such attacks in all areas including data loss prevention, fraud detection, and IT asset inventory management, to name but a few.
For us at Tanium, that means one thing. The future of cybersecurity lies in autonomous endpoint management (AEM).
AEM combines the power of a real-time endpoint management platform with AI to unify IT operations and security teams on a single platform. It empowers organisations to query and analyse data on every endpoint in real time and apply updates and changes at speed and scale. When you combine real-time data with our ability to act with AI, it represents a quantum leap forward for organisations looking to mitigate risks, manage their environments, and remediate incidents before damage occurs.
With AEM costs and risks are reduced. It automates common tasks to free time and help ensure compliance, auto-remediates vulnerabilities to reduce attack surface, self-heals common issues to reduce help desk burden and disruptions, and customises workflows for operational efficiency.
What’s more, is that it’s not a solution pencilled in for some time in the future. It’s being rolled out as we speak. In a world overshadowed by cyber threats, we’re committed to leading the way towards an autonomous future for IT, information security, operations, and risk and compliance teams.
Learn more about The Future of Cybersecurity in Europe and the Autonomous future we are fast approaching.
About the author
Zac Warren is Tanium’s Chief Security Advisor in EMEA. Zac started his career in IT with a passion for cybersecurity and was a senior security analyst at a leading manufacturer of security platforms and later a cybersecurity architect and consultant for large system integrators. Zac has spent most of his career helping government agencies and several Fortune100 companies reorganize their security architectures, controls, policies, and procedures. Today, Zac is responsible for developing and supporting Tanium’s cybersecurity business in EMEA.
Security
Read More from This Article: The future of European cybersecurity is autonomous
Source: News