By Anurag Lal, President and CEO of NetSfere
Using personal messaging apps for business communication and collaboration is harmless – right? Wrong. This practice, which is unfortunately still widespread in an environment of relentless cyberattacks, is fraught with major cyber and financial risk.
Unsecure messaging apps are a gateway for cybercriminals to access, expose and exploit an enterprise’s sensitive data. When this happens, the cyber and financial fallout can be devastating for organizations.
To mitigate cyber and financial risk, enterprises should move to secure mobile messaging platforms with robust security and control features that are specifically designed to maintain data security, integrity and privacy.
Using messaging apps not designed for the enterprise invites a cyber risk nightmare and financial risk disaster.
Cyber risk nightmare
Cyber criminals are using unsecure mobile messaging tools to infiltrate and wreak havoc on enterprise networks and systems. Bad actors are very aware that consumer-grade messaging apps and unsecure collaboration tools were not designed for enterprise use and are tailoring attacks to take advantage of security gaps and vulnerabilities in these tools.
Data shows that the use of unsecure messaging and collaboration apps is fueling an increase in global cyberattacks. Findings from a Check Point Research report show that cyberattacks are increasing worldwide, with 38% more cyberattacks per week on corporate networks in 2022, compared to 2021. The report revealed that this increase was driven by smaller, more agile hacker and ransomware gangs, who focused on exploiting collaboration tools used in work-from-home environments.
The use of unauthorized apps in the workplace like consumer-grade messaging apps, or what is called shadow IT, introduces network vulnerabilities that put companies at risk of compliance violations and data breaches. In fact, Randori’s State of Attack Surface Management 2022 report revealed that 7 in 10 organizations have been compromised by shadow IT.
Financial risk disaster
Using personal messaging apps in the workplace can also result in crippling financial losses for enterprises. Business disruption, reputational damage, downtime, legal fees and fines for compliance violations are all disastrous effects of data breaches that impact the bottom line.
Over the last few years, many organizations learned the hard way that using these unsecure communication and collaboration tools exponentially increases cyber risk that can result in costly compliance violations. For example, a massive crackdown by the SEC on the use of unapproved communication apps led to 16 firms being fined $1.1 billion in 2022, followed by another round of violations for 11 more firms in August of this year resulting in an additional $289 million in fines.
The bottom line damaging impact of cyberattacks was recently quantified in research by ThreatConnect which found that cyberattacks can cost enterprises up to a whopping 30% of operating income.
That’s not surprising considering that IBM most recent cost of a data breach report showed the global average cost of a data breach reached $4.45 million in 2023 – an all-time high for the report and a 15% increase over the last three years.
Company stock prices also take a hit when data breaches occur. A Comparitech analysis of the impact of data breaches on the share prices of 34 breached companies that were listed on the New York Stock Exchange (NYSE), found that share prices of these breached companies hit a low point approximately 110 market days following a breach, falling -3.5% on average, and underperforming the NASDAQ by -3.5%. According to the analysis, one year after the data breach the share price of breached companies fell -8.6% on average and underperformed the NASDAQ by -8.6%. After 2 years, the average share price fell -11.3%, and underperformed the NASDAQ by -11.9%. And after three years, the average share price was down by -15.6% and down against the NASDAQ by -15.6%.
The impact of cyber risk on corporate balance sheets extends even further. Last year, the Wall Street Journal reported that credit-rating firms are warning companies about cyber risks and issuing reports on how attacks could affect their credit ratings. This has serious implications for companies as a cyber risk downgrade in credit rating can negatively impact shareholder value and investor confidence.
Evolving data privacy and security regulations present another financial risk, with regulators stepping up enforcement and issuing record fines for compliance violations. Data protection supervisory authorities across Europe have issued a total of €1.64 billion ($1.74 billion) in fines since January 28, 2022, representing a year-on-year increase in aggregate reported GDPR fines of 50%.
The right mobile messaging tools reduce enterprise risk
The growing frequency and sophistication of cyber threats present existential levels of cyber and financial risks for enterprises today. The practice of using unsecure mobile messaging apps in the workplace needlessly increases these risks.
Using enterprise-grade secure mobile messaging technology mitigates cyber and financial risks in business communication. This technology reduces the attack surface, providing no point of entry for malicious hackers intent on accessing sensitive enterprise data.
Mobile messaging platforms designed for the enterprise feature end-to-end encryption (E2EE), protecting data at rest and in transit and ensuring that only the sender and receiver can read messages. Secure by design collaboration technology like this provides employees with a convenient and frictionless way to share ideas, files, and data without the risk of data leakage or exposure.
These platforms also reduce risk with robust administrative controls that enable centralized account management, file sharing and policy compliance, remote wipe, real-time reporting and other capabilities, giving IT departments the control mechanisms they need to securely manage the distribution of information across the enterprise.
Providing employees with user-friendly mobile messaging tools that don’t compromise security or compliance is a risk management strategy that eliminates the use of unsecure mobile messaging apps. When employees have the secure tools they need to optimize their work experience, productivity increases and cyber risk decreases.
Today, organizations need to ban the use of unauthorized messaging apps and adopt enterprise-grade platforms to protect their networks and systems from the cyber threats that create cyber risk nightmares and financial risk disasters.
About the Author
Anurag Lal is the President and CEO of NetSfere. With more than 25 years of experience in technology, cybersecurity, ransomware, broadband and mobile security services, Anurag leads a team of talented innovators who are creating secure and trusted enterprise-grade workplace communication technology to equip the enterprise with world-class secure communication solutions. Lal is an expert on global cybersecurity innovations, policies, and risks.
Previously Lal was appointed by the Obama administration to serve as Director of the U.S. National Broadband Task Force. His resume includes time at Meru, iPass, British Telecom and Sprint in leadership positions. Lal has received various industry accolades including recognition by the Wireless Broadband Industry Alliance in the U.K. Lal holds a B.A. in Economics from Delhi University and is based in Washington, D.C. Anurag can be reached online at @anuragl and www.netsfere.com.
Source: www.cyberdefensemagazine.com