Technology category powered by

Diamandis Zafeiriades: Organisations will pay dearly for their incorrect assessment of cybersecurity dangers

Businesses that do not care about their security become vulnerable to attacks, which are also strengthened by geopolitical developments, Diamandis Zafeiriades, Chief of Digital Security Authority (DSA), Cyprus, Commissioner of Communications has warned.

He expressed concern that 40% of businesses that have not been attacked mistakenly believe they are not a target, while DDos and Ransomware threats continue to dominate the cyber threat landscape this year.

Speaking at the 4th Cyber Security Conference in Nicosia on 26 September, he emphasised the importance of protecting critical infrastructure in a constantly changing digital environment, as well as the new challenges brought by the NIS2 Directive. The Digital Security Authority plays a key role in supporting and overseeing the measures businesses take to protect themselves from growing cyber threats.

One of the key points of Zafeiriades’ presentation, entitled, ‘Securing Critical Infrastructure: Navigating the Impact and Implementation of the NIS2 Directive,’ was the criticality analysis methodology applied to identify vulnerabilities at the national level. This includes risk assessments and the creation of a security framework that provides guidelines for businesses to minimise their vulnerabilities.

Zafeiriades emphasised the importance of national strategies and the possibility of businesses to strengthen their cyber security through tools offered by the Authority, such as the free documentation package and the Security Maturity Framework that is adapted according to the level of each business.

Through a system of inspections and controls, the Digital Security Authority contributes to the continuous improvement of security. Particularly important are on-site and post-incident compliance assessments, which provide additional security in the event of cyber-attacks. In addition, the National Security Operations Center (SOC) operates on a 24-hour basis, offering early warning of cyber threats.

Zafeiriades also presented important facts that businesses should take into account. Among other things, the fact that almost 7 out of 10 businesses have carried out a risk assessment in the last 12 months. Also, half of businesses use security monitoring tools such as intrusion detection systems.

Furthermore, 40% of businesses that have not been attacked incorrectly believe that they are not a target. The belief is worrisome, especially given the fact that DDos and Ransomware threats continue to top the cyber threat landscape for 2024. Businesses that do not care about their security become vulnerable to attacks, which are also amplified by geopolitical developments, he warned.

Another important point that Zafeiriades raised is the use of artificial intelligence tools by cybercriminals. Examples are FraudGPT and large language models are used to create malicious emails or scripts. At the same time, the emerging threat of Malware-as-a-Service (MaaS) allows the development of sophisticated attacks by unskilled users.

The NIS2 Directive makes it clear that security is not just the responsibility of government, but of every business that manages critical infrastructure. Zafeiriades pointed out that businesses should invest in both technologies such as antivirus and awareness training, as human weakness is often "the first point of attack".

(Source: InBusinessNews)

Read More

AI in healthcare was at the centre of Chief Scientist’s keynote speech at EFMA
Bolt+ partners with TheSoul Publishing to bring 12 popular channels to streaming platform
Eurobarometer: Cypriots turn to social media for information on disaster risks
Damianou comments on Cyprus ranking 27th among 133 countries in the Global Innovation Index for 2024
Wargaming teams up with Reobrix to develop World of Tanks toys
Cloudflare's Sheril Nagoor on why Zero Trust is crucial in the era of Artificial Intelligence
KidIT Co-Founder presents innovative FamilyTech project supported by Cyprus-based IT companies
ASBIS-backed DISPL wins national round of 2024 Startup World Cup
Comforte AG's Andrea Renna on why a data-centric approach to cybersecurity is transforming businesses
Kyndryl’s Sebastjan Štucl: Businesses need to find the balance between resilience and change