They still exist: companies that do not correctly assess the risk or impact of cybercrime. It is often SMEs that get stuck in the rejection phase.

Security gaps or incidents regularly appear in the news. However, you can see that the average person isn’t that worried about it. This is usually because the news has little direct impact on one’s own living environment. At least that is often the perception. Until “Duvel” is hacked: panic, because we definitely won’t run out of beer, right?! Aaaah, … “the people” find the idea of ​​a shortage of liquid gold more frightening than the spread of their personal information all over the Dark Web.

This is something special, but the hack is a good wake-up call for everyone who has previously preferred to bury their heads in the sand. And there are some, we notice that. Paying ransoms to criminal organizations after a hack may be tax deductible, but that doesn’t end the matter.

It is unfortunate that real-world examples of cybersecurity breaches need to be used as an awareness measure. They are obviously necessary to make the danger tangible. There are still people and organizations who are convinced that securing their (professional) network is not an absolute necessity. These are companies that are as likely to have leaks as anything else. They are the easiest target for hackers.

I apologize for you

At AXS Guard (a rare Belgian managed cybersecurity provider), we have compiled the most common excuses for denial:

• We’re not interesting to hackers anyway; What can we get now?
• I think entrepreneurship is complicated enough. I prefer to stay away from things I don’t understand.
• My website was created by an experienced party. So it will be safe.
• We only have 10 employees. I know them all personally. You definitely won’t fall for a phishing email!
• I have no time at all to study cybersecurity. I just have different priorities.
• Yes, we sometimes use a license with different employees. And yes, we share the password. It’s not that bad, is it?
• We don’t have a budget for adequate security. And it’s not at all clear what you’re putting your money on when you invest in security.
• I have few secrets. We are also transparent in our business activities.
• What are the chances that one of my employees will visit a shady website?
• I often find discussions about (online) privacy exaggerated. People spread their entire lives and their deepest secrets on the Internet. Why should I adhere to strict rules to protect your data?
• Security solutions are expensive; They are always tailored to insuring large companies.
• We employ an IT specialist. He keeps an eye on everything.

Compromised? It costs you more than just your night’s sleep.

Even companies that claim not to be concerned with digitalization seem to use (more or less) business-critical online applications in almost all cases. In other words: digital tools that control or support processes to ensure that your daily business operations run smoothly. If there is a kink (or leak!) somewhere in the (virtual) cable, operations will at least partially stop. The production of your favorite beer is at a standstill. And of course that is the business model of many hackers. You know where your vulnerabilities lie and try to get the most benefit from closing these processes. The manager is at a loss because can this still be clarified? And how?

Data recovery and related solutions can provide relief, but are time-consuming, intensive, and require specialized expertise, and the outcome is uncertain.

Additionally, the reputational damage and financial impact will not make you happy.

Is hacking an easy activity? YES!

There are accessible “communities” where you can find free hacking tools, share tips, and auction stolen data. The Dark Web is ideal for facilitating such illegal practices.

Even relatively amateur hackers can quickly break into corporate networks. Sometimes these hackers don’t do much with it themselves, but sooner or later they can cleverly sell the data to more “professional” criminals.

Are you taking a lot of risks as a cybercriminal? NO!

Hacking is a very safe activity: a cybercriminal always has a safe job and the risk of being punished is practically nil. Hackers have more reasons to feel safe than their potential targets.

Because many cybercrimes go unreported and therefore remain under the radar. As a rule, there is no criminal prosecution for abuses and crimes that are actually reported. Identifying criminals is complex and legislation tends to lag behind.

Some regimes even turn a blind eye to cybercrime. Certain regimes pursue a policy of tolerance and allow criminals to do their thing as long as they only attack “enemy” companies and governments. These regimes and their hackers do not really take into account national borders and the (legal) regulations in other countries that are intended to promote cybersecurity.

Hacking is therefore a fairly risk-free and lucrative business.

Numbers that make you uncomfortable

Why do we have to continue to fight against cybercrime and ignorance? The numbers are alarming. Current reports on phishing show that 3.4 billion (!) malicious emails are sent every day and a new phishing website is created every 20 seconds (!). Wouldn’t it be incredibly naive to think that these are aimed at everyone but you and your company?

In Europe, the number of victims of cyberattacks increased by 18% in 2022. Remarkably, 4.5 times more SMEs fall victim to cyber extortion than medium and large companies combined. Malware is a popular weapon to attack these companies.

The consequences are unfortunate: 60% of companies that fall victim to a cyberattack go bankrupt within six months.

Do you keep it simple and safe?

Securing your people, your infrastructure, your processes and your business is indeed complex. Therefore, it is really not a luxury to leave all security and its complexities to cybersecurity experts. There are very reliable and powerful solutions on the market that are suitable for small and large organizations. In this case too, it’s better to be safe than sorry!

This is a post by Alex Ongena, Founder, CEO and Managing Director of AXS GUARD. Click here to learn more about the company’s solutions.