Cybersecurity: the concern of the modern world

Currently, the integration of markets and the formation of increasingly interconnected ecosystems have brought various benefits to the business world and organizations, but they have also created an increasingly complex and challenging scenario from the point of view of cybersecurity.

As companies deepen their digital transformation programs aimed at increasing productivity and operational efficiency, the risks of cyberattacks grow exponentially. To give you an idea of the impact of this threat on the market, in the last 12 months, 83% of organizations reported having suffered cyberattacks, according to data from the Innovation Catalyst study conducted by Dell Technologies.

For this reason, in today's digital world, cybersecurity has become a relevant element for business growth and continuity.

Where does the threat come from?

According to Global Threat Report 2024, prepared by CrowdStrike, cyberattacks are becoming more sophisticated and targeted, with organized groups often associated with nation-states seeking sensitive information and competitive intelligence.

IBM, in Threat Intelligence report produced in 2023 highlights that the most recurrent cyber attacks resulted from the theft/compromise of credentials and phishing followed by misconfiguration of the cloud. The report also indicates that more than half of the malicious attacks were committed by external intruders or internal criminal agents and 22% are due to human error. The attacks primarily targeted customer personal data, organizations' intellectual property, and employee data, in that order.

The IBM security team, at Another study conducted in 2023, points out that, increasingly, cybercriminals are logging in instead of hacking into accounts. This is because of the ease of acquiring credentials and the difficulty that defenders have in distinguishing between the legitimate use of the user's identity and unauthorized misuse.

Challenges

While companies are aware of the dynamism of the digital environment in which they operate and the need to use data to drive innovation and stay ahead of the competition, they also recognize the difficulty of keeping up with the pace of this disruption.

O 2024 annual cybersecurity study produced by KPMG and (CS) 2AI highlights that one of the main challenges faced by companies stems from the lack of trained security personnel, a problem that is increasing significantly every year. Hiring and retaining specialized professionals has become a critical problem in the face of the increase in cyber threats and the need to implement programs and controls for prevention, mitigation, and remediation against cyberattacks.

Additionally, or IBM Report indicates the difficulty of correctly identifying where the corporate data is located. Although organizations can control the data found in their systems, it is not possible to say with certainty whether certain data was downloaded to personal or even corporate devices, or if new information was produced and stored without proper control. The study shows that 35% of the violations identified involved hidden data (Shadow Data). The report also highlights that storing data in different environments is a common strategy, but one that significantly increases the risk of an attack. This challenge is even amplified when Artificial Intelligence is placed in this context, since it will also hold information that will need to be mapped, since, if compromised, it could generate losses.

O Global Threat Report produced by Crowdstrike In 2024, it points out that the use of Artificial Intelligence in organizations was identified as one of the current cyber threats with the greatest potential for disruption, since they can be used for the development and/or execution of malicious operations on the computer network as well as to amplify the reach and effectiveness of social engineering acts.

Businesses around the world are all feeling the pressure to adopt AI in their operations for the agility, efficiency, and scale gains generated by this resource. However, the rush to adopt generative AI in the daily lives of companies has trampled the capacity of information security areas to understand, map, and prepare against the risks created by the use of these applications. While Artificial Intelligence provides numerous advantages, its use also introduces challenges to information security that should not be overlooked.

Finally, another factor of attention for companies is the detection time and the containment time of cyberattacks. According to the IBM Report, in the case of credentials stolen or misused by malicious internal agents, the detection and containment time of the attack lasted an average of 290 days. This is due to the difficulty in distinguishing between legitimate and malicious user activity on the network. The average response time to phishing attacks, on the other hand, was 261 days. This factor also ends up increasing the costs of the incident.

The Cost of a Data Leak

The costs associated with cyberattacks are alarming. Studies show that the average cost of a data breach can exceed millions of dollars.

According to White House report Regarding the US cybersecurity posture, these types of attacks cost the global economy trillions of dollars annually, directly impacting productivity and consumer confidence. In addition to the direct financial losses resulting from the incident, such as Downtime operational, carrying out post-violation responses, such as hiring staff for customer service help desks and payment of regulatory fines, there is also a loss of the organization's reputation and a decrease in customer confidence.

The IBM report highlights that, in 2023, the global average cost of a cyberattack was USD 4.45 million, representing an increase compared to previous years. In the technology sector, the average cost of a data breach was around USD 5.5 million, while in the healthcare sector, the average cost per breach reached USD 9.8 million.

This scenario reflects the importance and sensitivity of the data that must be protected, the increasing complexity of investigations, and the need to implement more comprehensive remediation measures.

How can companies protect themselves from cyberattacks?

Faced with a constantly evolving threat landscape, organizations must adopt a proactive and multifaceted approach to cybersecurity. For this, it is essential to have a well-designed, audited and tested Information Security program. Key controls and best practices that these programs must contain include:

Implementation of an Efficient and Continuous Awareness and Training Program

As seen, one of the main causes of security incidents stems from human error. Therefore, creating a culture of security in the workplace becomes an essential element in cyber defense strategies. Clarifying about the risks to which professionals are subject and empowering them to be self-sufficient to adopt practices that reduce exposure to threats specifically contributes to detecting and interrupting attacks of phishing and of theft/compromise of credentials.

Use of Artificial Intelligence

The use of automated processes and AI in the area of information security has proven to be an efficient strategy for preventing, detecting, investigating, and responding to cyberattacks. According to the IBM Report, companies that used AI in their information security processes reduced their average breach costs significantly.

Implementation of Safety Monitoring and Assessment Tools

Implementing security monitoring and assessment tools, such as intrusion detection and penetration testing, helps identify vulnerabilities before they are exploited. Additionally, it's important to keep all systems and applications up to date to protect organizations against new vulnerabilities. A regular cycle of updates and Patches should be part of the security strategy.

Another important factor to note refers to the frequent decentralization of data in various environments, which makes it difficult to manage it. The use of AI and various SaaS solutions in organizations' operations expands the attack surface, requiring more efficient control of the supply chain, as well as well-defined usage and access policies.

Access Management

With the increase in attacks caused by credential breaches, it has become even more important to maintain assertive policies, controls, and tools for identity and access management (IAM).

Recommended practices include increasing the level of access security, with the deployment of multiple factor authentication (MFA) whenever possible or the replacement of passwords with access keys, normally stored on the devices in the user's password manager, allowing login to websites and applications using a fingerprint, facial recognition or a PIN, for example.

Incident Response and Disaster Recovery Plans

Organizations must regularly develop and test incident response plans to ensure they are prepared to handle a cyberattack when it occurs. This includes defining clear protocols for threat detection and containment as well as for internal and external communication during and after an incident. It's also important to keep a backup data security, allowing for quick recovery from the incident and reducing the impact of damage.

In addition, after a violation is contained, the work continues. It is also necessary to ensure that the affected operation returns to normal, that the root cause is identified and analyzed, and that controls and processes are reviewed to prevent future violations.

How Clicksign protects your data and ensures the security of your supply chain

The increase in the digitalization of corporate processes requires a careful assessment of suppliers of softwares, ensuring the security of data stored on third-party systems.

Such care is even more necessary when the software or system stores sensitive information, such as contracts, personal data, and other documents containing business information, as occurs with electronic signature platforms.

Clicksign is currently the most secure electronic signature platform in the Brazilian market, considering the assessment made by the tool SecurityScorecard It is the only one in the market to be certified by ISOs 27001 and 277001, proving the high international standard of our processes and controls in the management of information security and privacy and protection of personal data.

The certification attests that the company has an efficient awareness and training program, adopts access management processes and controls, limiting access to information only to people who need it, manages vulnerabilities in order to act proactively against threat risks, and also maintains a disaster recovery plan tested based on simulations.

For more information about platform security, visit our page and test our applications: https://www.clicksign.com/seguranca.

Conclusion

Given the dynamic technological scenario in which we live, maintaining the same defense processes and a reactive posture is no longer sufficient to contain the speed and sophistication of cyber threats. It is necessary to be prepared for a more assertive and efficient action to prevent and mitigate attacks and, if necessary, for the rapid correction and restoration of possibly affected systems and data, ensuring the maintenance and generation of value for the organization.

‍

—————————————————————

Paula Abreu is a lawyer and Chief Legal & GRCS Officer at Clicksign.

‍