The recent cyberattacks on London councils have exposed a fundamental weakness in today’s cybersecurity strategies. Despite organisations investing heavily in perimeter defences such as firewalls, anti-phishing measures, and zero-trust policies, cybercriminals continue to breach these barriers. The reason? Traditional best practices focus on keeping attackers out rather than protecting what truly matters: the data itself. Simon Pamplin, Chief Technology Officer at Certes, discusses.
Perimeter defences are no longer enough

The stakes in cybersecurity have never been higher. Attackers no longer rely on brute-force break-ins; instead, they exploit stolen credentials to log in undetected. Studies show that over 84% of breaches now involve credential theft, allowing cybercriminals to bypass traditional security measures entirely.
Meanwhile, the financial impact of these breaches is soaring. Ransomware demands have skyrocketed, with the average ransom payment now exceeding $2 million, a staggering increase from $400,000 just a year ago. But the costs extend far beyond ransom payments. Organisations face an average of $2.73 million in recovery costs, not to mention the reputational damage that follows, often leading to lost customers and diminished trust.
For public sector organisations, the fallout can be even more severe. Data breaches in government agencies and councils compromise sensitive personal data, eroding public confidence and triggering regulatory scrutiny. Despite these risks, many organisations still rely on outdated security models that focus solely on network protection. But when attackers are logging in rather than breaking in, traditional defences offer little protection.
The business impact: more than just financial losses
Cybersecurity is no longer just an IT issue; it’s a boardroom crisis. Regulatory bodies such as GDPR, DORA, and NIS2 impose hefty fines on organisations that fail to secure data adequately. For financial institutions, non-compliance with DORA alone can lead to penalties of up to 2% of global revenue.
Beyond financial losses, reputational damage can be devastating. Customers and clients expect their data to be handled securely, and a single breach can drive them away permanently. Operational downtime resulting from an attack can halt productivity, costing millions in lost revenue. Perhaps most concerning, executives now face personal liability for failing to protect sensitive data. CEOs and CISOs are increasingly being held accountable, meaning cybersecurity failures could have career-ending consequences.
The shift to data-centric security
If cybercriminals are after data, why is security still focused on protecting the perimeter? It’s time for organisations to shift their mindset and prioritise a data-centric security approach. The fundamental principle of this approach is simple: assume breaches will happen and ensure that, if they do, the stolen data is worthless to attackers.
This is where solutions like Data Protection and Risk Mitigation (DPRM) become essential. By encrypting, tokenising, or otherwise devaluing sensitive data, organisations can render stolen information unreadable and unusable. Even if attackers successfully infiltrate a network, they won’t be able to exploit the data they access.
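As an added illustration of the "devalue the data" principle (example code written for this page, not code from Certes or its DPRM product), the following sketch tokenises a record's sensitive fields into a separately held vault, so that a copy of the application store yields only opaque tokens. Class and function names are hypothetical, and the records and key are constructed sample values.

```python
import hashlib
import hmac

# Constructed example: which fields of a record count as sensitive.
SENSITIVE_FIELDS = {"name", "national_insurance", "email"}


class TokenVault:
    """Holds the only mapping from tokens back to clear values.

    The vault is meant to live on a separately secured system; the
    application store keeps tokens only, never the clear values.
    """

    def __init__(self, key: bytes):
        self._key = key          # vault-held key, never stored with the data
        self._store: dict[str, str] = {}

    def tokenise(self, value: str) -> str:
        # Keyed HMAC gives a deterministic token, so equal values tokenise
        # equally and joins/lookups still work on the token alone. Caveat:
        # for low-entropy fields, deterministic tokens can be matched by
        # guessing if the key is ever exposed, so the key must stay vault-side.
        digest = hmac.new(self._key, value.encode(), hashlib.sha256).hexdigest()
        token = "tok_" + digest[:24]
        self._store[token] = value
        return token

    def detokenise(self, token: str) -> str:
        # Only a caller with vault access can recover the clear value.
        return self._store[token]


def protect_record(record: dict, vault: TokenVault) -> dict:
    """Replace sensitive fields with tokens before writing to the app store."""
    return {k: (vault.tokenise(v) if k in SENSITIVE_FIELDS else v)
            for k, v in record.items()}


def restore_record(record: dict, vault: TokenVault) -> dict:
    """Inverse of protect_record; needs the vault, so a stolen copy cannot do it."""
    return {k: (vault.detokenise(v) if k in SENSITIVE_FIELDS else v)
            for k, v in record.items()}


def exposed_secrets(stolen_store: list, clear_values: list) -> set:
    """Simulate a breach of the app store: which clear values are readable?"""
    blob = repr(stolen_store)
    return {v for v in clear_values if v in blob}
```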
Equally important is protecting backups. Many organisations fall into the trap of securing live data but neglecting backup systems. Cybercriminals often target backups in ransomware attacks, leaving businesses with no choice but to pay up. A robust backup protection strategy, incorporating immutable backups and air-gapped storage, is vital in mitigating ransomware risks.
The ultimate defence: a multi-layered approach
Creating an impenetrable defence may seem like a pipe dream, but a multi-layered security model that neutralises threats before they cause harm is achievable. A comprehensive approach should include:
● Proactive security measures: Implementing encryption, tokenisation, and access controls to devalue data.
● Regulatory compliance: Adhering to frameworks like GDPR and DORA to mitigate legal and financial risks.
● Rapid recovery capabilities: Ensuring businesses can resume operations quickly after an attack, minimising downtime and financial losses.
● Advanced threat detection: Using AI-driven analytics to identify and stop threats before they escalate.
By integrating these elements into a unified security strategy, organisations can not only defend against cyber threats but also maintain business continuity and protect their reputations.
The future of cybersecurity: act now or pay later
Ransomware and data breaches are not just technical threats; they represent financial, operational, and reputational crises. The reality is clear: perimeter defences alone are failing, and organisations must act now to protect what truly matters.
Building higher walls will not stop attackers. Instead, businesses and public sector organisations must invest in making the data itself untouchable. By shifting to a data-centric security approach, implementing robust encryption, and ensuring resilience through protected backups, organisations can render cyberattacks ineffective.
Cybersecurity is no longer about preventing breaches altogether—it’s about making stolen data useless. Until organisations embrace this mindset, breaches will remain inevitable. The time to rethink security is now.