Financial services companies have always been a popular target for cybercriminals, according to cybersecurity experts at ESET, and for good reason, because they handle a lot of confidential customer data as well as money that criminals can use for various scams or sell in online black markets: Verizon The financial sector experienced more than 1,500 incidents in the last year alone, including 448 confirmed data thefts.
According to ESET experts, who handle business and home security software solutions worldwide, Sicontact Kft. , a Hungarian software distributor dealing with IT security, there are many reasons why companies are constantly struggling to create the right cybersecurity conditions.
One reason is that there are not enough cyber defense professionals.
Although the cybersecurity labor shortage was on a downward trend for the first time in years, there are still 3.12 million fewer professionals in demand globally. To fill the global skills shortage, employment must increase by 41 percent in the United States and 89 percent worldwide.
Another advantage is that companies’ budgets are not sufficient to combat cyberthreats.
In a survey by consultancy EY, 87 percent of organizations surveyed said they did not have enough money to achieve the required level of cybersecurity and resiliency. Due to lack of resources, companies cannot employ enough professionals or put in place technical measures that will make them resilient in the face of various threats.
Another common mistake companies make is overestimating their cybersecurity measures. Although they may think they are ready for everything, they may not be at all sure about applying the best vulnerability management guidelines, in fact, they often do not do everything against a serious vulnerability, and it may not take months to fix a published software bug post .
Another common reason that undermines corporate security is that employees do not receive proper training in cybersecurity.
Remote work, for example, has increased the risk of employees downloading or editing company credentials as a result of a scam. According to a study by the Ponemon Institute, although the number of cyber-attacks, phishing, and human-based social engineering attacks discovered by companies has also jumped, 24 percent of respondents felt that their organizations did not provide them with adequate training on the risks of remote work. : More than half of them do not have a safety policy for remote workers.
According to the analysis, one of the reasons is that companies undervalue cybersecurity,
Instead, they invest in other areas they find more interesting, such as financing expansion or developing new products. They argue that the costs outweigh the benefits, for example, the financial effects of cybersecurity measures outweigh the potential losses from data breaches. While the penalties and potential losses may be lower in the short term, the deterioration of the company’s reputation can lead to a greater loss in the long term, including loss of customer confidence, which also harms revenue sources.
In addition, during the attack, cybercriminals can gain access to the intellectual property, which they can then sell on the dark web along with customer data.
“Friendly thinker. Wannabe social media geek. Extreme student. Total troublemaker. Web evangelist. Tv advocate.”