Go to Content

We are the flag of Portugal on the internet

Blog

Inês Esteves e Marta Moreira Dias
.PT Board of Directors
23-10-2023
Cybersecurity is common sense!
If 2022 was the year of "Stolen house, locked doors", 2023 and the following years will have to be about "Prevention is better than cure".

Not so many years ago, when we heard about cybersecurity, we thought of an ultra-complicated subject, only reserved for the most technical profiles, for the greatest specialists, for those who rarely left behind their computers. It wasn't a priority for companies... and it tended to be thought that those who carried out cyberattacks had great motivations. Political objectives, against established institutions, against installed powers.

2022 changed this perception. We portuguese people realized - because we saw it and felt it ourselves - that this type of attack could affect any person, entity, institution or company. They could have an impact on the way we work or contact each other, the services we access, the news we read or the means of transportation we use. The damage these attacks caused was very visible. And the perception of how vulnerable we were changed in many ways.

Fertile ground

In the last year, cyberattacks have continued to increase. They are no longer growing at such a rapid pace, but they have not ceased to be very present in the day-to-day life of any organization. They won't. The World Economic Forum's Global Risks Report 2023 says that widespread cybercrime will continue to be one of the world's main risks, both in two and 10 years' time.

Even the smallest threat can represent a major risk. Increasingly, there are groups of professional cybercriminals who sell complete platforms and services to those without technical knowledge to carry out or mass-produce attacks. What's more, there are already tools, using Artificial Intelligence and machine-learning, that help analyze large volumes of data to automate, customize and introduce various levels of sophistication into carefully targeted attacks.

But not only the actors and their tools are growing. The ground is also increasingly fertile for this type of attack. The growth of data and the evolution of the needs of each business and organization increase the number of targets for potential attacks. What's more, the interconnectivity of devices, which will increase with the implementation of 5G and the adoption of IoT devices, could lead to an increase in the frequency and volume of attacks.

Taking advantage of gains and minimizing losses

The evolution of technology is not going to slow down. Nor can we stop ourselves from gaining from new tools, just to prevent actors who want to use them in the worst way. So the watchword must be preparation.

Companies have taken the reins and the state has also played an active role. In May, a decree-law formally created the Cyber Academia and Innovation Hub to train human resources for cyberdefense and cybersecurity. In April, the European Union's Cyber Solidarity Act was put out for public consultation, to boost cooperation at European level in responding to this type of threat.

On the economic side, leaders need to be increasingly aware of the issue and determined to make it a fundamental pillar of their businesses. There is no right architecture or formula that works for everyone, but there are areas of action that should be common to all organizations: in addition to the transversal treatment of the issue, the need for planning, the definition of response plans, methodologies for identifying and managing risks and a focus on cooperation and shared responsibility.

All this without forgetting that, above all, there is literacy and capacity building. Training and skills development are fundamental to protecting any person, institution or company. It is already clear that this will be a day-to-day challenge and concern. It's up to all of us to figure out how to tackle it before it becomes a problem.




This article was originally published on Portal Directions.




Please note: the articles on this blog may not convey the opinion of .PT, but of its author.
Back to Posts