Since joining the EU in 2004, Cyprus has benefitted from being part of a huge single market gaining access to a great number of goods and services. However, this membership also comes with certain obligations, not least of which pertain to ensuring the confidentiality of transactions and sensitive information. Unfortunately, most businesses have been slow to adopt a structured cybersecurity framework that forms part of their business processes. Successful Business talks to Panicos Georgiou, CEO of eSafe Solutions, about cybersecurity risks and realities in Cyprus.
How do you introduce and promote a cybersecurity awareness culture in Cyprus?
As cyber attacks become more prevalent and sophisticated, and as fines for breaches that expose sensitive data rise, many organisations find themselves in a rush to close their security gaps. But throwing money to buy security products is not the cure.
Business leaders need to embrace cybersecurity and make it part of their processes. They need to understand that cybersecurity is a business enabler that ensures continuity and not a business blocker. Equally important is that they invest in their people and make cybersecurity awareness training part of their culture, as humans are still the weakest link in the chain.
2020 saw a sharp rise in cyber attacks compared to previous years. How do we address this?
Let me start by saying that email still remains the prevalent attack method, as it targets people who are always easier to deceive than machines.
Phishing attacks have risen by a staggering 200% during the height of the global pandemic, compared to the same period in 2019. There was also a huge spike in targeted attacks, aiming specifically at people involved in the development of the Covid-19 vaccines.
And yes, the success rate has indeed increased, as it is becoming increasingly easier for even inexperienced attackers to produce very convincing copies of legitimate sites and emails using automated tools that take minutes to produce. On top of this, attackers are now using encrypted methods, making it harder for traditional security solutions to detect the fraud.
On the other hand, internal threats are also major.
Over the past year, there have been an increased number of incidents in which malicious insiders destroyed critical business systems, leaked confidential data, and blackmailed the organisations they worked for. Some of the insiders were involved in economic espionage, some were motivated by greed, and others compromised their employer.
Organisations need to be aware of these threats and take appropriate action to mitigate the risk. There are many avenues that an organisation can take as long as it has a solid cybersecurity plan, and this is just one of the things that eSafe can assist with.
What are your predictions for 2021? What changes will we see in cybersecurity in Cyprus and worldwide?
2020 has been the year that really brought remote working to life and created a new reality for businesses, and Cyprus was no exception. This trend will continue into 2021, and I believe it will be a model that many organisations adopt as the new norm. This, however, brings new challenges to enterprise as there is no longer a fixed network to secure and cybersecurity strategies will need to adapt quickly.
5G is a fact and with it new business opportunities are on the way. At the same time, it creates new avenues that most certainly attackers will try to take advantage of.
In the last few years we have seen the rise of IoT (Internet of Things) devices, from internet-connected light bulbs, to smart fridges, to semi-autonomous vehicles. This is only going to become more prevalent in our lives and in our businesses. However, the lack of security-by-design in a lot of what is on offer means that steps have to be taken to reduce the risk.
Finally, up to now, AI (Artificial Intelligence) has been the buzzword of the cybersecurity industry. Advancements in Artificial Intelligence and Machine Learning allows security products to detect and prevent attacks by detecting anomalies and behaviours. However, as tools and methods become more accessible, they will start forming part of the arsenal of cybercriminals making their attacks more sophisticated, stealthier, and harder to detect.
Panicos Georgiou, CEO, eSafe Solutions LTD
Panicos Georgiou is an experienced IT Security professional with over 15 years of practice in the field of cybersecurity. Panicos is an entrepreneur representing leading security vendors whilst providing cutting-edge technologies and extensive knowledge in this niche area. Over the years, he has designed tailor-made cybersecurity programmes that address the current and future needs of clients. He provides consultancy and integration services, monitoring, and incident response to a wealth of prestigious organisations such as the government, banks, law firms, financial institutions, shipping companies, and more.