‘A cybersecurity attack could terminate a business’

21 Apr 2023

Iva Tasheva. Image: Cyen

Cybersecurity leader Iva Tasheva explains the true risks behind leaving cybersecurity unchecked and why AI and quantum tech are the trends she’s most excited about.

Click here to view the full Cybersecurity Week series.

Iva Tasheva is the co-founder and cybersecurity lead at Cyen, a family-owned micro-consultancy established in Brussels in 2018. She helps public and private sector organisations manage cybersecurity governance, risk and compliance.

Tasheva has experience in the public, digital, transport, banking, medical devices and non-profit sectors. She is a certified ISO 27001 lead implementer and ISO 27799 lead manager.

She was also shortlisted for Belgium’s Cyber Personality of the Year 2022 Award, which is organised by the Belgian Cybersecurity Coalition.

In an interview with SiliconRepublic.com, Tasheva said technology can be either an enabler or a risk.

“I work with people, management, IT or users, helping them understand their information security risks and options – either mitigate, avoid or accept. For example, a cybersecurity attack could terminate a business, with more than 50pc of SMEs going bankrupt in the six months following a cyberattack, according to the EU cybersecurity agency Enisa,” she said.

“Helping organisations govern and comply with information security policies, standards and legislation, I help business navigate their technology journey away from the deep ice.

‘We must acknowledge that there is no such thing as 100pc security’

What are some of the biggest challenges you face in the current IT landscape?

The biggest challenge is the training and awareness of people. Technology is moving fast, and our school system must reflect the change fully.

Industry and governments must support the cybersecurity awareness and training of creators, users and workers of the next generation.

Human error is behind the majority of data breaches, so we need bold investments in cybersecurity, not only by businesses and organisations but also by the states. We help businesses manage their cybersecurity risk and make their business strategies fit for the 21st century.

What are your thoughts on digital transformation?

Digital transformation is a journey which could bring companies from zero to heroes. But cybersecurity should be well integrated into this journey to enable digitalisation to deliver all its benefits with acceptable risks.

With this, as digitalisation projects start and run across different sectors, it is essential to consider the relevant cybersecurity risks. For example, 80pc of data breaches could be prevented with multifactor authentication.

By 2025, according to Statista, there will be 4.3bn IoT devices in Europe. If not secure, they could all be used in a massive cyberattack on any business. There are many methods of attack, and the landscape constantly evolves.

We at Cyen support clients with the latest intelligence on making their information systems secure and protecting valuable corporate data and personal data of their clients and users.

How can sustainability be addressed from an IT perspective?

Industry utilising digitalisation’s full potential to increase its sustainability is an admirable and welcomed step.

Unstructured digitalisation, however, could potentially entail cybersecurity risks in third-party providers, to which the industry becomes reliant (such as cloud infrastructure, network or security solutions), increased supply chain risks due to interconnections between sectors, and requires adaptation of the workforce.

To mitigate these risks, business leaders should not forget cybersecurity as their way of pursuing sustainability.

What are big tech trends changing the world?

AI and quantum technology. The real-life applicability of these new technologies is welcomed, but these new opportunities also come with more significant cybersecurity risks.

The EU is currently working on developing a legal framework regulating artificial intelligence. AI is mainly used to enable new business models and support research. However, it can also save costs thanks to predictive analytics.

AI is also increasingly deployed to enhance security by mitigating advanced hacking techniques and real-time monitoring networks to detect suspicious behaviour and fraud.

For instance, the health, transport and energy sectors have been revolutionised by harnessing these technologies, upgrading the level of healthcare and ensuring flexible and adaptable transport and energy networks.

On the other hand, quantum technology has been gaining prominence in both the EU and the US. Quantum computers might solve problems such as integer factorisation, which is essential for encryption and robust quantum systems in the future might decrypt today’s encrypted data.

However, we must acknowledge that existing encryption protocols rely on the computational limits of traditional computers to provide cybersecurity.

How can we address the security challenges currently facing your industry?

We must acknowledge that there is no such thing as 100pc security. It’s all about knowing what matters to you and managing its risks. Management needs to understand their risks and make it harder for incidents to occur while minimising potential disruption in the event of a cyberattack.

Cybersecurity requires some financial investment, but it requires a lot of willingness and time. Therefore, businesses across all industries need to identify, assess and manage their respective cybersecurity risks to know where to invest.

This way, they can focus the investment where it matters most and accept the cybersecurity weaknesses that do not pose a significant risk to their business. In addition, risk mitigating measures vary in impact and cost.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.