10. 11. 2022

Companies still underestimate cyber security, a hacker attack can even cause bankruptcy

Even Slovak companies are not avoiding increasingly frequent hacker attacks, and they underestimate cyber security, says cyber security expert Michal Srnec. According to him, a company can have sufficient security of IT systems even at lower costs, it is important to educate employees, use current versions of programs, including the current version of the antivirus program and its databases, regular backup of data, and especially the development and observance of basic information security principles.

Two-thirds of small and medium-sized enterprises in Slovakia do not deal with cyber security, while almost a fifth of companies faced hacker attacks. This follows from a survey of the state of cyber security published by the National Security Authority.

According to cyber security expert Michal Srnec from the company Aliter Technologies, the risk of attacks is increasing, it is related to both the war in Ukraine and the consequences of the pandemic, when many companies were literally forced to quickly move their processes to the online environment or start using them on a large scale work from home. “Hackers have of course adapted very quickly and we can observe an increased trend of attacks directly on users who work remotely. For users working from home or in a hybrid cloud environment, it is much more difficult to recognize these attacks than in a controlled environment of the organization. Often times, the motivation is not only the theft or misuse of data. Hackers can only prepare the ground, examine the reaction of the organization, or just test new methods or tools. However, in the case of insufficient security, an attack can seriously damage the company and, in the worst case, even cause the company to collapse”, says the expert.

According to the survey*, cyber security is still not a priority, so the expert calls on companies to protect their data and think about security in the online space. “Just as we don’t leave the company door open at night, we shouldn’t leave company data without adequate protection either,” explained Michal Srnec. According to him, the level of security can be increased with relatively simple measures. “The basis is the education of employees about threats in the online environment, the development and observance of security principles, and regular data backups and system updates should not be forgotten,” added Michal Srnec.

Companies should not only think about security directly in the company, working from home or using private computers or mobile phones for work can also be a risk. “If an employee has a virus on his personal computer and although he connects securely to the company server, he can easily infect it without even knowing it. A properly set security policy should ideally limit the use of private devices on the corporate network. However, if the company’s policy is set to use private devices, it is necessary to ensure adequate technical measures (BYOD policy). Care should also be taken when connecting smart watches or smartphones to company computers, as the virus can also enter the company’s systems through them. Of course, I also do not recommend connecting to the Internet via a public or unsecured Wi-Fi network,” concludes Michal Srnec from Aliter Technologies.

Source: PR

* NSA | SBA: Prieskum stavu kybernetickej bezpečnosti v sektore MSP

Survey of the state of cyber security in the MSP sector
Source: NSA