Microsoft and its SharePoint software, Air France KLM, Bouygues Telecom… The list of large companies that suffered massive cyberattacks this summer, exposing their customers' data, is endless. But whether a company is small or large, it must take the issue seriously, explains Georges Ataya, Managing Partner at Ataya Partners (HTP.Group), Professor at Solvay Business School (ULB), and Vice-President and Founder of the Belgian Cybersecurity Coalition.
How do hackers usually operate today?
Most attacks start with a harmless-looking message – phishing – sent to a computer or mobile phone. By opening the attachment, you allow malicious software to enter your system. It can then paralyze it by shutting down key applications, the servers behind them, or even by cutting electricity or internet access. A hacker can also take over your databases to steal client information, such as contact details or credit card data, and then exploit or resell it. In fact, a whole industry now exists, with tools for increasingly sophisticated attacks available on the dark web, even to isolated hackers. Some operate within organized criminal groups with fake contact centers or help desks.
Does artificial intelligence change the game?
Cybersecurity today is a race between attackers and defenders, and AI strengthens both sides. Criminals use AI to develop new targeting methods based on specific criteria, but defenders also use AI to protect systems and respond to attacks more quickly.
Do decentralization, remote work, and the cloud make businesses more vulnerable?
Large-scale attacks against major software providers or system suppliers frequently raise the question of cloud reliability and whether servers should be brought back in-house. I don’t think that’s a good solution for SMEs, which generally cannot manage their own IT infrastructure while ensuring all essential protections. It’s not their job, nor is it economically viable. Strong protection methods exist in cloud environments: reliable credentials, multi-factor authentication, valid backups, encryption for data in storage and transit, etc. Still, it’s important to be mindful of where servers are located. The idea of a “sovereign cloud” – ensuring that data storage remains within the European Union and inaccessible from outside – makes total sense today.
Why should SMEs worry?
Many small business leaders ask me this question, but in reality, they should worry more than large corporations. Attacks are often carried out not by people but by programmed machines. These scan IP addresses, identify system weaknesses, and probe digital assets and operations. Hackers know that with mass attacks, just one or two successes are enough to make the operation profitable. Being lazy, they focus on easier, less protected targets.
How should one respond?
The key is to “run faster than the attackers.” Their main entry point is poor digital hygiene – missing protections against well-known risks. That’s why it’s crucial to set up essential protections as quickly and thoroughly as possible. Each company needs to establish its own cyber-defense rules, IT management practices, and corresponding tools. Beyond that, adopting common-sense habits helps close potential gaps. SMEs often lack resources for this basic hygiene and rely on an IT technician who usually installs only basic protections. That is not enough.
How can SMEs get support?
Cybersecurity is now a discipline in its own right, going beyond the skills of a regular IT technician. Each business needs to identify and truly understand its risks: data integrity, confidentiality, risks encountered by similar companies, and the challenges of business continuity. Based on this, appropriate protection projects can be implemented. We’ve developed a method to systematize proactive security management. With just a few half-days of work per year, any business can have access to a part-time professional information security advisor. We also help identify regional grants and subsidies that companies can use.
Where to start?
I recommend that all companies follow the basic hygiene guidelines defined by the Belgian Center for Cybersecurity (CCB). Their document Cyber Fundamentals, specifically aimed at SMEs, lists forty key protection measures. These cover risk identification, protective measures, detection capacity, incident response, and recovery practices after an incident.
Because cybersecurity is essential to protect sensitive business data, Beci regularly offers training sessions on the topic.