Anna Barkvall
Director of Strategic Programs
It’s not easy being responsible for enterprise security. Cyber threats are on the rise, and at the same time there are skills shortages, budget cuts and demands from new legislation such as the European Union’s second Network and Information Security Directive (NIS2).
Recently, especially in Europe, there has been an increase in the number of cyberattacks that are linked to ongoing conflicts and political instability, and we have seen organisations lose years of data as a result. Many of these cyberattacks could have been avoided, or the impact minimised, if the right measures had been taken beforehand.
Most organisations invest too little in security and too much of the budget goes to technical solutions. The budgets for working with security holistically throughout the organisation must be increased to avoid putting the digitisation journey at risk. New tools such as generative artificial intelligence provide further challenges, as any realistic-looking fabricated email has the potential to bring an IT security manager to their knees.
We also cannot close our eyes to the fact that NIS2 is different from the original NIS directive. Corporate accountability is now officially part of the directive and far more European businesses are affected. The requirements are also stricter and sanction possibilities are substantial.
So, what should organisations do?
AI and NIS2 are the focus right now and organisations should take the opportunity to adopt AI tools such as Microsoft 365 Copilot to unlock new opportunities in security. However, to do this they need to allocate time and resources to ensure safe deployment, better control and reduced risk. In the process, they can also gain control of some of the NIS2 requirements. It’s a win-win.
Security teams should also prioritise a holistic approach where security and risk management are integrated into the business and view security from all perspectives rather than relying solely on the technology.
This story is published in the Technology Recod Issue 32 Spring 2024. Check out the full digital magazine and download your copy here.