PAUL DELAHUNTY
AtlanTec Festival 2022
The past twelve months has brought an increased threatscape, which many organisations are grossly underprepared for. As many businesses bring connected devices into their work environment, the threats only increase if they’re not properly secured.
The next eighteen months will see a vast increase in cybercrime, there were three times as many ransom attacks in the first quarter of 2020 than in the entirety of 2019. More sophisticated services are being produced, that are easy to use, cheap, and more accessible to the common criminal than ever before.
That was the beginning of the talk given by Paul Delahunty, one of Ireland’s leading information security experts during his presentation on ‘Cybersecurity Trends to Look Out For in 2022/2023’, as part of the AtlanTec Festival 2022.
Paul Delahunty is a certified CISSP (Certified Information Systems Security Professional) and is the Chief Information Security Officer at Stryve, a Carlow headquartered private cloud and cybersecurity company.
Paul started his career as an engineer with Ericsson, before venturing into the start-up world as Operations Director with moQom. He later co-founded ThorsNet, a cybersecurity and compliance company. More recently, he worked as Information Security and Audit Manager for Hostelworld Group, before joining the rapidly expanding team at Stryve, where he now managed an international team to deliver tailor-made cybersecurity services that support Government departments and SME businesses.
Paul’s presentation went over his trend predictions for cybersecurity in the next few years, and how companies can help mitigate their risk. Businesses are only as secure as their weakest links and as many companies are including more devices, their risk only increases.
The cybersecurity trends for the next eighteen months, not only include a vast increase in the frequency and intensity of attacks but in the number of connected devices and laws and regulations.
Ransomware has seen one of the biggest jumps in threats in the past few years. Someone uses it to target a company and/or their customers. The companies have to pay to get their data back and then pay again to not have it released. Ransomware will continue to grow, with a 98% profit margin and increased accessibility, it’s an easy choice for online criminals.
Critical infrastructure, AI and state-sponsored cyber attacks will increase, as well as ransomware attacks. These might not impact every business sector, but they are something to monitor.
Besides the increase in cyber attacks, there are other trends worth noting.
The Internet of things (IOT) is going to grow immensely. Today, there are over 30 billion connected devices and it’s projected to jump to 75 billion by 2025. This includes servers, phones and smart TVs, but goes beyond that to include business software, fridges and driverless cars. This highlights the growing level of vulnerability.
There will be more laws and regulations in place, as lawmakers are starting to step up. Because data is so critical to the economies of the world and the frequency and intensity of attacks have increased dramatically, lawmakers have to put laws in place to help regulate the online world.
The good thing is that many things can be done to help mitigate the risks that cyber attackers pose. Many ways that aren’t too complex or expensive either. The biggest takeaway is that security is about doing simple things correctly.
Education and awareness is the first step in companies’ cyber security measures. An organisation’s ethos is the key. Employees must be trained to have a cyber security outlook from day one and it has to come from the top down. Data security shouldn’t be the responsibility of the tech department, everyone needs to buy into this culture of cyber security.
Not all organisations can afford complex tech defenses, but they can still put the basics in place. They must make sure operating systems are up to date, they have a good anti-virus that scans devices regularly and email filtering service to prevent spam and malware from getting to employees.
Businesses need to have a plan in place that is frequently tested and well-rehearsed. This is essential so that they know what to do and can act quickly but also get back on their feet after a cyber attack. They need to know what’s important to them and make a list of their assets and Identity which are the most critical.
A key component of a recovery plan is to have secure backups. Companies that have robust and backed-up data can resume business as usual even if targeted, but only if their backups are tested regularly.
Although the risk of cyberattacks increases with each year, there are ways to mitigate them. Starting with the basics and working up from there, companies can protect themselves, and create plans so that if they are prone they don’t lose their data and can react as fast as possible.
Paul is just one of the many fantastic speakers who presented at AtlanTec Festival 2022. We are currently planning for AtlanTec Festival 2023, we would love your input if you have time to complete our questionnaire. AtlanTec Survey
Sign up for our newsletter to keep up to date, click here
For more blogs and video content from AtlanTec 2022 check out our Member’s Library