As the new decade emerges, new threats to business will emerge and the constant threat of cyber-attacks will remain ever-present. In 2020 it’s likely to become a more serious issue, according to international cyber-security experts.
One such expert is Kiwi-based Joerg Buss, technical director at Darkscope, who says businesses in general have the issue top of mind but still need more appreciation of the scale and intricacies of the problem.
While Buss says there is now more awareness of cyber-crime in the business community, and the issue is being taken seriously, most businesses don’t know what they should do next.
“A recent survey conducted by a cyber insurance company showed that 75 percent of businesses interviewed don’t understand their exposure, which means they don’t know how or where they should protect their business.”
SMBs have a similar complex attack surface (and therefore exposure) as large businesses in terms of their spread of information and technologies they use, says Buss. “However, SMBs don’t have the budget or know-how to protect their business efficiently.”
Worryingly, cyber-attacks are getting more sophisticated and harder to detect and the whole issue of cyber-security is becoming more complex.
Buss says attackers have a knack for always staying one step ahead, and in years to come he predicts greater use of modern technologies such as AI being deployed against them.
“The biggest risk for SMBs, and for all people, is losing your identity. There is technology now that can mimic people and you wouldn’t be able to tell the difference. Imagine an AI being able to copy your voice or even your face – the possibilities of how this could impact a business or individual are significant.
“If you are copied artificially, it will become harder to prove your real identity.”
His advice to business owners is to go back to basics. “Find out what your biggest cyber-security risks are and stop trying to defend all aspects of your business.”
Focus your efforts to mitigate your weakest areas so the budget can be used more efficiently, he advises. “If a business spreads its security too thinly it will remain weak and still be open to attack. However, if you focus strong defences at identified weak points, you’re more likely to repel a threat.”
Businesses should know what is being said about them, both on the Internet and the ‘dark web’ (the part of the worldwide web that’s only accessible through special software, allowing users and website operators to remain anonymous or untraceable). Then a focused and efficient defence can be created, says Buss.
“The threat from the dark web is intensifying – meaning it should be analysed in detail. Threats arising from the dark web is an aspect of cyber-security most people don’t know about, and this is worrying as most businesses do not have an appreciation of the potential for attack.
“Don’t use the firefighter mentality and jump from one cyber-security fire to the next. Do it once and do it right,” Buss says.
Note: This article is part of the wider Vision 2020 cover story published in the February 2020 issue of NZBusiness.