In a world where technology is ubiquitous, cybersecurity has become a hot topic, a top priority for businesses of all sizes. Recent reports highlight a clear increase in cybersecurity incidents, but is it a consequence of their increased visibility or a genuine escalation of the threat? In just one year, for example, the number of critical incidents (with a significant impact on production) has risen by 200%, according to the annual report of the Belgian Center for Cybersecurity*. One thing is certain: the risk is real and now affects all businesses.
Expanding business model
In addition to these alarming figures, a worrying trend is emerging: the development of a genuine business model based on the resale of compromised accounts. Whereas in the past, large corporations were the preferred targets of criminals, today the distinction based on size (in terms of revenue) is no longer an essential criterion for attacking a company. The threat is now omnipresent, touching every stratum of the economy.
Attacks are also diversifying. Cybercriminals are no longer satisfied with traditional methods. They are exploring new avenues, such as targeting production chains (OT) or even surveillance cameras (IoT). They are also becoming increasingly ingenious and original in how they trick their targets. "They can use websites you usually visit but that are not directly related to your company, such as the website of the pizzeria where you usually order lunch with your colleagues every Thursday. They will hide malicious links there and ensure that these sites are ranked first on search engines. This is called SEO Poisoning," explains Maxime Lamarche. Just last year, 1,278,295 URLs were identified as malicious, according to the annual report from the Belgian Center for Cybersecurity.
Proactive cybersecurity
"No one is safe. It's time for companies to shift from a reactive to a proactive approach. Investments in cybersecurity are no longer an option, but a necessity. To help convince your board of directors, you can use the ROSI (Return on Security Investment) model*", concludes Maxime Lamarche. The question for companies is no longer 'if' they will be attacked, but rather 'when' they will be attacked. They need to act now to protect themselves against the threats of tomorrow.
*Annual report 2023: https://ccb.belgium.be/fr/actualit%C3%A9/rapport-annuel-2023
*NIS 2: https://blog.easi.net/fr/solutions/security/nis2-directive-summary
*ROSI : https://www.enisa.europa.eu/publications/introduction-to-return-on-security-investment/@@download/fullReport
About Easi
Easi is a Belgian IT company that has been offering IT services & solutions since 1999 and develops its own business software for medium and large enterprises. In all the solutions offered, Easi positions itself as a high-value-added partner and aims for a long-term relationship with all its clients. Easi also pays great attention to the happiness of its 500 employees. More information about cybersecurity at Easi: https://easi.net/en/solutions/security
You can also find Easi at the European Cybersecurity Exhibition, which will take place on May 29th and 30th in Brussels: https://www.cyberseceurope.com/