How Companies Need to Respond to Growing Cyber Threats
The ongoing digital transformation brings not only opportunities but also significant risks for businesses. The latest Lünendonk Cybersecurity Study 2024, produced in collaboration with KPMG, examines the growing threat landscape in the digital realm and outlines how companies should respond to these challenges.
Increasing threats and growing risks
According to the study, 82% of companies report an increase in cyber threats compared to the previous year. Cloud transformation, in particular, has significantly expanded the attack surface. 58% of the companies surveyed view the use of cloud technologies as posing an increased risk of cyberattacks. Phishing attacks are particularly concerning, as they are becoming increasingly sophisticated and difficult to detect due to the use of artificial intelligence (AI). In addition, companies are struggling with inefficient vulnerability management processes and are increasingly facing insider threats, such as data theft or sabotage by their own employees.
From Protection to Resilience: New Approaches to Cybersecurity
The study’s findings make it clear that many companies need to fundamentally rethink their cybersecurity strategies. The trend is shifting away from purely defensive IT security toward holistic cyber resilience. Key areas for action include:
- Transparency and Risk Assessment: Companies should conduct a thorough analysis of their IT infrastructure and potential vulnerabilities in order to implement targeted security measures.
- Security by Design: Security considerations must be integrated into the development of new software, products, and processes from the very beginning.
- AI-powered solutions: The use of AI can help companies detect attacks more quickly and address vulnerabilities more efficiently.
- Addressing the shortage of skilled workers: Since experienced security experts are in short supply, companies must increasingly rely on technology, automation, and AI.
Comprehensive Strategies for Robust Cyber Resilience
For companies that have already firmly established cybersecurity, new regulations such as DORA, NIS-2, and the Cybersecurity Resilience Act offer an opportunity to further optimize their security strategies. However, these regulations require a shift in mindset and ongoing investment to achieve comprehensive cyber resilience. Companies that consistently follow this path will be better prepared for the challenges of the digital age and will be able to secure their long-term business success.
Conclusion
The study shows that companies must not only respond to current threats but should also take proactive measures to strengthen their cyber resilience. By adopting new technologies, complying with regulatory requirements, and adopting a strategic approach, companies can effectively manage the risks of digitalization while capitalizing on the opportunities it presents.