October 10, 2017

It’s still too easy to break cyber security

Markus Melin

Head of Tieto Security Services, Tieto

Many successful cyberattacks are fundamentally very simple. Most of them could have been avoided with thorough security processes and diligent attitude towards patching.

Usually, if you own something really valuable such as a 5-carat diamond ring, Patek Philippe watch or a video of your child’s first steps you go to great lengths to keep it safe. You wouldn’t take off your ring and leave it unattended on a fast food restaurant counter.

But when it comes to securing the business, everything suddenly becomes more complicated. Do we have locks on all doors? Check. Alarm system? Of course. Good cybersecurity processes and visibility to all digital assets? Not sure… could you say the first part again?

Physical security comes naturally to us. No one would even dream of leaving office doors unlocked at night. But for some reason, with digital security many seem to drop the ball. It’s been said time and time again that data is the most important asset of any organisation. Still, it seems to be all too easy to wreak havoc with company data and sometimes cause irreparable damage.

Many successful attacks are fundamentally very simple – this seemed to be the sentiment of many speakers at Helsinki’s Cyber Security Nordic event last September, as well. Security is only as strong as its weakest link.

Often, a breach is caused by human error and/or software vulnerabilities. Most of these would be avoidable with thorough security processes and diligent attitude towards patching.

The high costs of bad security

Data is the new oil, and data breaches can cost companies enormous amounts money. Perhaps the best way to convince the CEOs and decision makers to give enough attention and budget to security is to show them the numbers.

A very recent example is the breach at Equifax which exposed information of 143 million clients. The attackers used a known vulnerability that would have been trivial to patch. But the door was left open for the attackers, and the company’s value dropped over 4 billion dollars in a few days.

CSO has recently published an excellent list of the biggest data breaches of the century. The list should be printed on every office wall to remind of the importance of good security.

If you assess your security risks well, put good security processes in place and understand the importance of up-to-date systems, you’ve come a long way.

Do you want to know more about securing your business? Download our white paper about visible cyber security.

Stay up-to-date

Get all the latest blogs sent you now!