Cybersecurity

This Tuesday, January 28th, we are celebrating Data Protection Day, an opportunity for Easi to remind everyone of the importance of the security and confidentiality of our personal and professional information. As a 360-degree IT partner, we are particularly aware of the challenges and responsibilities related to data protection.

Why is it important to protect ourselves?

Data protection is not just a matter of legal compliance; it is also a matter of trust. Every day, we share sensitive information online, whether for financial transactions, personal communications, or in the course of our professional activities. Protecting this data means protecting our privacy and ensuring our security.


In 2024, Easi responded to 15 major cybersecurity incidents. Of all the attacks identified last year, 80% originated from malicious emails.

Phishing attacks are still prevalent. Threat actors create deceptive emails to try to phish users into providing their credentials, clicking on malicious content or installing it.

Robin Bruynseels, Security Expert

RBRU

Some interesting trends in 2024 to highlight:

  • The financial sector remains the primary target of attacks, but they have significantly increased for the healthcare and construction sectors.
  • The dwell time of threat actors involving ransomware decreased from 9 to 5 days. In other words, the time between the introduction of the malicious software into the company and the moment the hacker triggers the attack is shortening. Threat actors using ransomware are becoming more efficient, intelligent, and faster.
  • The dwell time of threat actors not involving ransomware decreased from 17 to 13 days. The same observation can be made.
     

Artificial Intelligence: Threat or data protection?

AI is both a new tool for more effective cybersecurity and a new weapon for hackers. The use of this technology is therefore very varied, but it remains a tool whose purpose will depend on the person who utilises it.


From a threat perspective, cybercriminals use AI to launch more sophisticated and harder-to-detect attacks. However, contrary to what we might think, AI cannot yet automate their operations, such as continuous flaw detection and faster identification of vulnerabilities. At least for now. Similarly, while some people already claim that AI gives cybercriminals access to more powerful algorithms, allowing them to bypass certain security systems more easily, our Security Expert, Thomas Hayen, nuances: " It's not that simple. Once again, AI can help, but it is not considered a standalone tool used by cybercriminals." On the other hand, phishing campaigns are more credible: fewer spelling mistakes in the emails sent, the formulations are correct, and the mail is sometimes even personalized. It is now more complicated to detect malicious emails among legitimate ones.
 

In terms of data protection, the use of AI also raises questions. Some AIs, like Microsoft Copilot, emphasize security by not learning from user-provided data, unlike other models like ChatGPT. However, caution is still necessary because even if Microsoft secures exchanges with AI, Copilot uses all the data it has access to in its environment. This means that if you do not properly protect certain files, it can also draw information from them and transmit it to certain people who, for example, should not have had access to it.

No AI is completely secure. A company that wants to integrate this new technology must imperatively strengthen the security of its environment and also work on regulating the use of AI internally. A simple example: many people copy and paste emails into ChatGPT or Deepl without removing names, first names, and other sensitive information. It should be known that these tools are intelligent enough to decrypt and retain this content. Imagine doing this with financial reports, asking the AI to generate a graph for you. We immediately understand where the security problem lies,” warns Audrey De Crem, AI expert at Easi.


AI is not just a threat to data protection; it also helps optimize defense. First, because it facilitates the continuous analysis of large volumes of data and allows the identification of suspicious patterns, enabling more effective threat detection. AI therefore improves incident management, threat detection, and vulnerability analysis. Many solutions are enhanced with AI to optimize them.

A data breach or attack can be costly for a company

A data breach or attack can be costly for a company. It is extremely difficult to provide an exact figure, as there are direct costs (recovery, fines, legal fees...) and indirect costs (reputation, loss of clients...), but on average, according to our experts Robin and Thomas, the damage from a hack or data breach to be between 2 to 5% of the company's annual revenue. Of course, this is an average that will vary depending on the type of attack, the industry of the targeted company, and its size.

Today, we consider investments in data protection and cybersecurity to be essential. The question is no longer how to react in case of an attack, but rather how to protect oneself to prevent the company from being attacked.

Thomas Hayen, Security Expert

THAY

It should also be noted that companies that process personal data are subject to the General Data Protection Regulation (GDPR). In case of non-compliance with the GDPR, significant financial penalties may apply, which can amount to up to 20 million euros or 4% of a company's global turnover for certain infractions. 

How to proactively protect your business?

Don't wait to be attacked to react. When it comes to security, it's better to be proactive. Here are some tips from our experts:

  • Conduct regular security assessments (e.g., through pentesting)
  • Keep systems up to date,
  • Implement backup procedures and test them regularly,
  • Deploy advanced security solutions and multi-factor authentication,
  • Raise employee awareness of cyber threats,
  • Perform regular backups (offline, online, in the Cloud),
  • Have strict procedures (for payments, adding new users, changing users, etc.).

Ideally, a protected business is one that calls on cybersecurity experts to help:

  • Develop an effective incident response plan,
  • Establish a disaster recovery plan,
  • Simulate attacks to proactively test various plans,
  • And most importantly, segment its network.

The right reflexes to adopt in case of an attack

Launch your "Response Plan" and immediately contact your trusted cybersecurity partner. Together, you can:

  • Assess and measure the impact of the attack,
  • Notify your stakeholders and be as transparent as possible,
  • Work with your cybersecurity partner to investigate the origin of the attack and identify vulnerabilities,
  • Take corrective measures to contain and eradicate the threat, for example by restoring systems using backups, etc.,
  • Review the situation and learn from it to improve your security posture.

How to protect yourself privately?

It is not only businesses that fall victim to cyberattacks; individuals are also targeted. Our experts offer some advice to help you protect yourself against this threat:

  • Use a unique, strong password for each of your accounts,
  • Enable two-factor authentication,
  • Regularly update your software to avoid vulnerabilities related to outdated systems,
  • Be cautious of suspicious SMS, emails, calls, attachments, or links,
  • Avoid using public Wi-Fi for sensitive activities like checking your bank accounts online,
  • Regularly back up your data.
     

In short, 

Protecting information primarily involves awareness and adopting good practices. More specifically for businesses, it is better to surround yourself with trusted partners, like Easi, to take your security to the next level.