2022, an eventful year for cybersecurity

In 2022, inflation, the war in Ukraine and the aftermath of the Covid-19 pandemic had a significant impact on many businesses. In this uncertain situation, there has been an increase in cyber attacks.

Since the beginning of the pandemic in France, the number of cyber attacks has really exploded, 400% increase. Indeed, many companies have experienced an increase in attacks due to the massive adoption of telecommuting. It is estimated that cybercrime will cost businesses around the world approximately $10.5 trillion per year by 2025.

It is difficult for companies to balance flexibility and security in their IT environment. Most of the time, cybersecurity weaknesses are easy to detect, but harder to fix. Companies are not sufficiently aware of the potential risks, while cyber attacks continue to grow.

ย 

Who is concerned by cybersecurity?

All companies are affected by cybersecurity risks. Large corporations with significant resources are logical targets for cybercriminals who know there is much to gain.

However, very small businesses are far from being immune. Often feeling less concerned, not always having the internal expertise and systems required to protect themselves, they are also prime targets.

Finally, public institutions and administrations (local authorities, ministries, health agencies, etc.) that manage large amounts of sensitive data are also exposed to cyber threats.

 

A forced awareness

In 2022, French companies were more aware of the risks and consequences associated with cyberattacks. Companies now consider cyberattacks as the main threat to their business, surpassing the consequences of the pandemic and economic losses. The perception of this risk is even higher among companies that have already been victims of a cyber attack.

 

France, an average student in the fight against cybercrime

With 52% of companies having reported at least one cyberattack in the past year, France ranks second among the most affected countries in Europe (the first being the Netherlands with 57%).

To quote some figures:

  • 60% of the victims of cyber attacks are small and medium-sized companies, which have fewer resources to protect their information systems.
  • The average cost for VSEs/SMEs remains relatively stable at โ‚ฌ18,645 (compared to โ‚ฌ19,570 in 2020).
  • The public sector is notoriously targeted by cybercriminals, the sensitivity of the data they host and the media effect that follows an attack have made them a prime target.
  • New sectors of activity affected: tourism (61%), services (58%), shops (58%).

However, the maturity of companies in France in terms of cybersecurity is considered relatively low compared to companies in other countries. This is mainly due to a lack of awareness, a lack of budget and a lack of competent personnel in the field.

 

Increasingly aware companies

In 2022, there are changes in corporate spending, with increased budgets allocated to technology and human resources for cybersecurity. While attitudes about data protection are changing, there is still much to be done.

Employee mistakes are a particular point of concern. Indeed, 2/3 of organizations believe that telecommuting leads to an increase in cyber threats, but only 43% of companies have educated more than 75% of their employees about the risks.

The budget allocated to cybersecurity is increasing slightly. It now represents 22% of total IT spending. The strategic priorities of companies have also evolved:

  • Resolution of existing threats and vulnerabilities (58%),
  • Achieve or maintain regulatory compliance (55%),
  • Guarantee the security of client services and applications (55%).

 

What are the trends for 2023?

2023 is shaping up to be a very busy year in cybersecurity. After a 2022 that saw cyberattacks increase and the global environment become more tense, protecting against cyberthreats becomes a major issue for businesses.

 

New types of threats

Among the types of cyberattacks that have increased in 2022 is ransomware. While this practice primarily targeted large companies and organizations, it is now targeting SMBs/SMBs.

The health sector has also been strongly affected in France, for example the hospital of Oloron-Sainte-Marie, the hospital of Dax or more recently the hospital of Versailles. Concerning this type of threats, companies can protect themselves thanks to cyber insurance, a tool that can be useful to help companies recover in case of malicious acts.

Deepfakes can become a choice for cybercriminals in executive fraud. It could also lead to more serious problems such as, identity theft, falsification of information or even fraudulent use of personal data.

Telecommuting, a risk factor

In 2023, telecommuting will continue to be a challenge for infrastructure security. Employees will increasingly use personal devices to do their work, increasing the number of access points and potential vulnerabilities that hackers can exploit.

Financial companies will be the next prime targets for cybercriminals. Nearly one-third of successful breaches in this sector are caused by internal actors, often employees who are unaware of the threat they pose to their company.

 

New regulatory frameworks

New regulations will emerge, such as the Digital Operational Resilience Act (DORA), which aims to improve the IT operational resilience of financial services companies by implementing a specific governance and internal control framework (ICT risk management framework). This law establishes a new governance and internal control framework concerning :

  • IT risk management,
  • Technology incident reporting,
  • Third-party risk management, including direct supervision of "critical" service providers...

 

Why is a company like Ellisphere concerned?

Ellisphere is directly concerned as a major player in the world of data. Indeed, the company is positioned in one of the three key sectors particularly targeted by cybercrime: Technology, Media and Telecoms, Financial Services and Energy. Two thirds of French companies in these sectors have experienced at least one cyber attack in the past year.

In this context, Ellisphere is committed to protecting the data exchanged with its customers in compliance with applicable regulations and regulatory frameworks. To this end, the company implements security measures to protect its information systems and data from all possible threats, such as attempted theft, loss, alteration and unauthorized dissemination of personal, financial, technical or commercial data.

 

How to protect yourself from cyber risks in your company?

There are steps companies can take to protect their systems and data from cybersecurity threats, such as: implementing security policies and protocols, educating employees about cybersecurity risks, implementing IT security solutions, conducting regular penetration tests, implementing a disaster recovery plan, implementing continuous monitoring of systems and data, and complying with data protection standards and regulations.

 

Develop: It is critical to have a cybersecurity strategy in place that sets the security standards for employees, partners and customers. This strategy should include rules for computer, network and data use, as well as protocols for handling security incidents.

React: In case of a computer attack, it is recommended to consult the Cybermalveillance.gouv.fr website for help and guidance in resolving the problem. It is also important to file a complaint with the nearest police station to obtain proof of the incident, which can also be used with your insurer. Finally, it is necessary to notify the CNIL within 72 hours of the attack, as well as the persons concerned in case of a serious violation of privacy.

Educate: It's important to educate employees about the risks of phishing emails, social networks and malicious websites, as well as safe practices for password management and use of public WiFi networks.

Detect: Companies can use incident detection and response systems(SIEM) to identify attacks and security incidents by analyzing security logs and using algorithms to spot anomalies.

Control: Protocols and controls must be in place to manage access to sensitive data, and be closely monitored on an ongoing basis. User and Entity Behavior Analysis(UEBA) can be crucial to assess employees and monitor unusual activity in the workplace.

To go further...

infog_cyber

Lexicon

Ransomware is malicious code that blocks access to your device or files by encrypting them; cybercriminals then demand payment of a ransom to have your data decrypted. In the majority of cases, cybercriminals exploit known vulnerabilities in software, but whose patches have not been updated by the victims.

Altering an image, video or sound in order to deceive Internet users. The realization of this multimedia "hypertrucage" generally consists in harming by knowingly diverting the image or the voice of a person.

Fraudulent technique intended to lure the Internet user into communicating personal data (access accounts, passwords, etc.) and/or banking data by pretending to be a trusted third party.

SIEM tools collect, aggregate and analyze large volumes of data from an organization's applications, devices, servers and users in real time to enable security teams to detect and block attacks. SIEM tools use predetermined rules to help security teams define threats and generate alerts.

Powerful cybersecurity tool that detects unusual behavior based on network traffic patterns. It helps security professionals identify anomalies by using basic activity statistics and comparing them to actual user behavior.

2022 review cyber cyber attacks cybercriminals cyber surveillance cyber security companies risk management SMES rsiques VSES