by Constantinos Papadamou , COO at eSafe Solutions Ltd
In the continually advancing digital age, where businesses heavily rely on technology, the significance of cybersecurity cannot be overstated. Cybersecurity, a comprehensive term encompassing measures to protect computer systems, networks, and data from unauthorized access, attacks, and damage, goes beyond being a mere technical concern. It stands as a critical aspect of safeguarding valuable assets, maintaining customer trust, and ensuring uninterrupted operations. In this era of digital evolution, innovative and robust cybersecurity approaches are imperative, as traditional measures alone are no longer sufficient.
“The digital era has brought unprecedented opportunities for businesses, but it has also exposed them to an escalating threat landscape. Cybercriminals are growing more sophisticated, exploiting technological vulnerabilities to gain unauthorized access to sensitive information.”
The Escalating Threat Landscape of Cybercrime
The digital era has brought unprecedented opportunities for businesses, but it has also exposed them to an escalating threat landscape. Cybercriminals are growing more sophisticated, exploiting technological vulnerabilities to gain unauthorized access to sensitive information. Alarming statistics reveal a consistent rise in cybercrime, with the speed of adversaries decreasing exponentially. Two years ago, it took an adversary about 98 minutes to achieve lateral movement, in 2022 went down to 84 minutes and year to date we see adversaries move at the velocity of 79 minutes. This means that your defenses have less than an hour and a half to detect the threat, respond and remediate. Other than the exploitation time the type of attacks constantly changes. In 2023 over 71% are malware free. No hosting place is more secure than the other (on premise or cloud). In 2023 there was a 95% increase in cloud exploitation. Cyber Security practices are a must to be applied not only for the on premise infrastructures but for the cloud ones.
This reduction in time, coupled with the evolving nature of attacks, underscores the urgent need for businesses to adopt modern and integrated cybersecurity solutions.
Safeguarding Valuable Assets
Businesses, as repositories of sensitive data, including customer information, intellectual property, and financial records, face severe consequences in the event of a breach. To mitigate these risks, businesses must implement robust cybersecurity measures. Legacy solutions, such as traditional antivirus software, are no longer sufficient to counter advanced attackers. At eSafe Solutions, we continuously evaluate our cybersecurity portfolio to ensure its effectiveness against the latest threats. Modern and integrated security, along with a defense-in-depth approach, is crucial to minimizing risks.
Navigating the Regulatory Landscape: PSD2, NIS2, and DORA
In response to the escalation of cyber threats, governments and regulatory bodies have introduced legislation to enhance cybersecurity measures. Notable directives in the European Union include PSD2 (Payment Services Directive 2), NIS2 (Network and Information Systems Directive 2), and DORA (Digital Operational Resilience Act).
PSD2 Compliance: Aimed at securing electronic payments, PSD2 mandates businesses in the financial sector to implement strong customer authentication (SCA) measures and adopt secure communication protocols.
NIS2 Compliance: Focused on enhancing the overall cybersecurity posture of essential services and digital service providers, NIS2 requires companies to prioritize risk management, incident response planning, and reporting obligations. Unlike the small coverage of the initial NIS, NIS2 coverage is extended to many other business verticals. While both directives aim to enhance cybersecurity within the EU, NIS2 represents a significant evolution by expanding the scope of coverage, introducing stricter requirements, and promoting greater harmonization across member states. NIS2’s broader reach and heightened focus on cybersecurity resilience reflect the evolving nature of cyber threats and the increasing importance of digital services in today’s economy.
DORA Compliance: The Digital Operational Resilience Act establishes a comprehensive framework for ensuring the operational resilience of digital services, emphasizing risk management, incident response, and oversight of third-party dependencies.
Staying abreast of legislative changes is crucial for compliance. Adhering to PSD2, NIS2, and DORA not only ensures legal compliance but also strengthens the overall cybersecurity posture of businesses, helping them navigate the complex and evolving landscape of digital operations.
Companies subject to these directives need to act swiftly, as cybersecurity requirements necessitate time for implementation. With NIS2 becoming a legal requirement in October 2024, businesses must secure internal systems, protect external interfaces, and comply with risk management, reporting, and recovery measures to avoid fines of up to €10 million or 2% of annual global revenues. The impact of NIS2 will extend through supply chains, making cybersecurity a priority in procurement processes.
eSafe Solutions, with 17 years of experience in Cyber Security, provides services to support companies in meeting directive obligations, ensuring solutions align with extended business strategies, especially as systems span multiple cloud environments and remote work continues.
“The rising tide of cybercrime necessitates a proactive approach to safeguarding valuable assets, maintaining customer trust, and ensuring regulatory compliance. Businesses must invest in comprehensive cybersecurity strategies, including employee training, regular system updates, and strict access controls.”
Embracing Cybersecurity as a Business Priority
In conclusion, cybersecurity transcends technical concerns to become a business imperative. The rising tide of cybercrime necessitates a proactive approach to safeguarding valuable assets, maintaining customer trust, and ensuring regulatory compliance. Businesses must invest in comprehensive cybersecurity strategies, including employee training, regular system updates, and strict access controls.
Moreover, staying abreast of legislative changes, such as PSD2, DORA, and NIS2, is crucial for compliance. Adhering to these regulations not only ensures legal compliance but also strengthens the overall cybersecurity posture of businesses. On the contrary, companies that are not obliged to follow those regulations does not mean that they will not be targeted.
In the dynamic digital landscape, the question is not whether a business will be targeted by cybercriminals but when. Prioritizing cybersecurity is not just a defensive measure; it’s a strategic decision that can safeguard the longevity and reputation of businesses in an increasingly interconnected world.
Who is Who
Constantinos currently holds the COO position of eSafe Solutions Ltd. He started his career at Hellenic Bank as a Systems Analyst and gradually saved his position as an Enterprise Architect following various promotions in senior positions within Hellenic Bank.
He is an experienced manager leading technical and operation teams. Overseeing large projects, by controlling budget, activities and expected deliverables and acting as the technology lead. Currently focusing on Cyber Security, assisting companies to identify their Cyber Security risk areas and enable protection aligned to their business strategy. Enables the business leaders of the organizations to recognize that the responsibility for developing a strong security culture rests with everyone in the organization—from the top down. Targets to push organizations to adopt a cyber resilience culture by being cybersmart.