Roman Flepp, Marketing Director and Member of the Board at Threema, tells us even the most sophisticated countermeasures cannot guarantee total protection against cyberthreats.
The Allianz Risk Barometer reports that on a global scale, cyberthreats such as ransomware attacks, data breaches and IT disruptions are among the biggest worries for companies in 2024.
The consequences of a cyberattack can be very costly. For instance, the global average cost per data breach in 2023 amounted to US$4.45 million, a 15% increase over three years. In particular the Middle East is increasingly a target of cybersecurity attacks, as the The State of the UAE Cyber Security Report 2024 points out. The report concludes that this development could be linked to the economic prosperity of the Gulf Economies, as cybercriminals aim to exploit the wealth through cybercrime activities.
Higher alertness is not a guarantee against bad actors
The good news is that the senior management’s perception of digital risks is changing rapidly. Budgets for improving corporate cybersecurity and resilience are being bolstered as companies seek technological and organisational protection against criminals. In this regard, most organisations count on increasingly comprehensive protocols against unwanted intrusions. However, security experts admit that the ultimate protection against cybercrime is an illusion: even the most sophisticated countermeasures cannot guarantee total protection against cyberthreats.
Cyberattack: It can hit everyone, at any time
While anti-ransomware solutions, cyber-sensitisation of employees, the use of end-to-end encryption, strict control of access privileges, and other measures help keep attackers at bay, companies cannot afford to rule out the scenario of a cyberattack. It can hit any company at any time, even the best-prepared ones.
Arguably, some systems are more vulnerable than others: widely used tools tend to attract the attention of potential attackers due to their popularity. With over 270 million users worldwide, Microsoft Teams is one of the most popular collaboration tools and unfortunately, its popularity also makes it a favourite target. Alternative collaboration and messaging solutions with closed user groups tend to offer better protection by design. In either case, CISOs, or whoever happens to be responsible, must plan ahead, develop strategies, and prepare for disruptions to operational processes.
Having a plan B is key: What to do if the IT is compromised
Every experienced manager knows that communication is the key to overcoming serious crises in the shortest possible time: disrupted business operations must be reorganised while specialists need to identify and eliminate the cause of the incident. During a cyberattack, the internal IT infrastructure could be down. In any case, it is very likely that systems are compromised. In the event of a cyberattack, the existing communication tools should no longer be used, even if they seem to be working properly, as they could be compromised.
This is why organisations should consider a secure out-of-band emergency communication system ahead of time – once the worst-case scenario hits, it’s too late.
Out-of-band chat-communication with a secure messenger
In its Emergency & Crisis Communications Report 2024, the Business Continuity Institute points out that training and exercising of crisis communication plans is at an all-time high this year, adding that mobile phones consolidate their position as the primary tool for the management of emergency communications. A secure business messenger app designed specifically for corporate use is an effective communication tool that allows organisations to maintain vital lines of communication with management, IT experts, consultants, employees, security officers and legal teams.
During a cyberattack, a secure business messenger app helps contain the damage and most importantly, avoid potentially compromised email accounts and other collaborations tools. A secure business messenger like Threema Work is not only a secure communication channel for key decision makers that allows targeting entire departments through pre-defined emergency distribution lists. Unlike most popular applications for personal use, it also allows establishing end-to-end encrypted group chats. A dedicated business messenger is absolutely secure and fully compliant with the data protection laws in the Middle East.
Internal communication is always essential for organisations. However, during a crisis, secure instant messaging is invaluable: it enables business continuity management (BCM) and contributes to a rapid restoration of operations. Setting it up in advance is vital for resilience and reduces reaction time during an incident.
In ‘normal times’, an intuitive and secure corporate-grade messenger app can complement existing collaboration tools. During an emergency, the great advantage of having already a business messenger in place is to provide a safe data privacy-compliant means of communication to share sensitive information. It would be fair to say that a secure business messenger helps building trust at critical moments and contributes to foster the long-term business perspectives of an organisation.
Click below to share this article
