Scarcely a week goes by without news breaking of a major IT attack against a big business, a public sector organisation or even a sovereign state. From hacks to breaches and ransoms to data theft, cybersecurity threats seem to abound. But what’s actually going on in the real world, and does every business or media and broadcast company really need to worry?
It’s certainly true that cyber attacks are on the rise. In the UK alone, in fact, the number of incidents rose by as much as 19% in 2020 alone.
The proportion of businesses attacked also increased from 38% to 43% in the same year – and perhaps most concerningly, 28% of them were targeted more than five times, demonstrating how falling prey once can lead to a vicious cycle of vulnerability.
So if as many as four in every 10 businesses (39%) have experienced a cybersecurity breach or attack in the last 12 months, what’s behind the deluge?
A game of risk
According to research by PwC, one factor is a change in how ransomware groups are operating.
More of these criminal enterprises are being run as affiliate programmes, which has led the number of actors taking part to spiral, and growing ransom demands – and successes – have encouraged more nefarious participants to jump on board.
Unquestionably, the COVID-19 pandemic has played a key part, too. Businesses’ rapid, often hasty rollouts of remote working practices have come back to bite them, with new weaknesses emerging for opportunistic hackers to stick their digital teeth into.
Researchers have highlighted, for instance, that remote workers will inevitably take security shortcuts for the sake of convenience, such as using insecure personal devices or home routers that can greatly heighten the risk of costly breaches.
Sudden widespread adoption of cloud technology has also had unintended consequences. In fact, global analysis by IBM found that misconfigured cloud settings were the joint-most frequent cause of data breaches – with each breach costing businesses an average of $4.41m.
Of course, some things never change, though; good old-fashioned human error still accounts for 23% of all data breaches, according to the same research.
Media and broadcast in focus
Over the last few years, many companies in the sector have fallen victim to cyber attack.
In 2016, for example, France’s TV5Monde was memorably “a couple of hours from having the whole station gone for good” after suspected Russian hackers infiltrated its network via an insecure multimedia server – and remained undetected for months.
Ransomware attackers also seized control of Nine Entertainment earlier this year, throwing the Australian company’s broadcast and print operations into chaos and locking staff out of emails and internet access.
In fact, Australia’s cybersecurity agency revealed it averted further similar attacks on other media outlets in the country – reflecting the extent to which the media and entertainment industry is being specifically targeted.
It isn’t just hackers
That brings us neatly on to one of the biggest misconceptions out there: that hackers are by far the main security threat.
It’s a popular line with those not at the coalface of cybersecurity – but, as evidenced in a recent academic paper, those who do work in the field see things differently to those in other business departments.
Most security professionals view misconfiguration and poor application of security policies as the most important threat.
While Hollywood films and tabloid splashes might suggest that cyber attacks occur when an organisation is singled out and targeted specifically, the reality is that most incidents are opportunistic in nature, taking advantage of flawed systems or users’ mistakes.
That, of course, is nothing new. A 2019 report by the Information Commissioner’s Office found that 90% of data breaches were caused by human error.
But vulnerability matters. Of particular relevance to media and broadcast is the challenge of maintaining security standards across equipment from a wide variety of vendors throughout a complex workflow; it can be difficult to achieve, with failure making companies in the sector low-hanging fruit for cyber criminals.
Fear is fine
So perhaps, then, it’s a good thing to be a little scared of what a cyber attack could mean for your business.
You may not be in the crosshairs of a villainous cloaked computer warrior striving to bring you to your knees, but it’s quite possible that something – or someone – in your IT infrastructure is leaving the backdoor dangerously ajar.
That could spell disaster. It goes without saying that companies suffering data breaches suffer in a vast array of other ways, too, from financial costs and damaged reputations to hefty fines for letting personal information fall into the wrong hands or losing invaluable media content.
Losing intellectual property, trade secrets or even the trust of your most longstanding clients can have a devastating impact – so cybersecurity definitely is worth paying attention to.
What you can do
There’s no need for sleepless nights, though.
By understanding your current strengths and weaknesses, you’ll know the major risks you face and be better equipped to minimise them.
As a technology solutions specialist and media and broadcast experts, we always encourage our customers to assess their cybersecurity on a regular basis.
Doing so will help you test your organisation’s security posture, let you see your setup from the perspective of an attacker, highlight any existing vulnerabilities and make it easier to improve your resilience.
It’s not just best practice. It’s essential.
If the thought of becoming another statistic has raised your heart rate, the good news is that our cybersecurity experts are here to help.
We can conduct a thorough security assessment of your organisation, based on what you want to gain and with the aim of providing reassurance to your specific concerns. We’ll give you clear answers and suggested actions you can put into place to significantly strengthen your cybersecurity.
A cybersecurity assessment is a powerful tool in any organisation’s defensive arsenal, and as threats evolve constantly, it’s important to review and adapt regularly.
Interested in a cybersecurity assessment or concerned your business is vulnerable?Get in touch with the team by completing the form below or emailing solutions@Jigsaw24.com. For the latest news, follow us on LinkedIn, Facebook and Twitter.
It’s been a real bounce back year for in-person expos, and ISE 2022 proved no exception. The show reported...
We sent Senior Business Manager Lee Whatton to Dell Technologies World to take in the latest developments.
Over time, devices and software become outdated, until eventually they’re incompatible with newer technologies...