8 ways to provoke a cyber attack
Gartner, a research and consulting company specializing in information technology markets, has named the cybersecurity “weaknesses” of many organizations. To reduce the risks, it is enough to eliminate these 8 main errors.
1. Invisible systemic risk
Companies make decisions every day that negatively affect their security readiness. For example, they use old equipment and software to save money. This increases the likelihood of a serious attack.
Solution: Recognize and identify systemic risks as part of daily security management.
2. The cultural gap
Many non-IT executives continue to neglect security, meaning that cybersecurity measures are not considered part of the business solution.
Solution: Place cybersecurity in a business context so managers can see the implications of their decisions.
3. Investing money into the problem
You will not be able to fully secure your company, no matter how much money you spend on it. Excessive spending, however, may well be detrimental to the normal functioning of the organization.
Solution: Avoid excessive security investments that increase operating costs and hinder business results.
4. Security as a “protector”
It is normal practice for security personnel to block a product release for security reasons without taking the business results into account.
Solution: Position security as a function aimed at business opportunity.
5. Liability breach
As long as responsibility means that someone will be fired if something goes wrong, no one will get involved.
Solution: Reward decision makers who maintain a balance between security and business.
6. Poorly worded risk statements
Do not promise to engage only in low-risk activities, as this can create an invisible systemic risk.
Solution: Establish mechanisms to accept risk within certain parameters.
7. Unrealistic social expectations
When a critical incident occurs, such as a data breach at a large company, everyone just wants to find the guilty ones. But this is not fair, because our society still does not clearly understand how security actually works. As a result, when an incident occurs, it is assumed that someone has made a mistake. However, society will not change until organizations and IT departments start to talk about security differently.
Solution: Announce your decision to balance the need for protection and business rather than looking for the guilty ones.
8. Lack of transparency
Some senior managers are reluctant to recognize that security is not ideal or to discuss challenges and opportunities for improvement.
Solution: To cope with problems, IT and non-IT leaders should be prepared to understand and discuss the realities and limitations of how security works.