Sweden Secure Tech Hub has conducted a survey and summarized it in its Digital Security 2024 report. The report provides an overview of the security challenges that companies face and presents strategies to address these. It also highlights opportunities for businesses operating in the digital security sector.
Cyber threats are increasing in complexity and scale. 90% of Swedish companies experienced at least one cyber incident last year. New technologies for carrying out attacks and breaches are evolving rapidly.
Many companies are still not adequately prepared. Despite the rising threats, 60% of organizations admitted they lack sufficient resources to effectively manage cyber threats. Among the most common types of attacks affecting both small and large companies, we still see phishing attacks and ransomware.
Strategies to Address Threats
AI and automation are seen as tools in the fight against cybercrime. Companies find that automation and AI can assist in the battle against cybercrime and are increasingly becoming part of corporate strategies. Tools that use machine learning can identify and respond to threats in real-time.
Multiple layers of security (e.g., various levels of defense) are recommended to protect against different types of attacks. Continuous training and general awareness of information security among employees across the organization are also highlighted.
Learning and training are high on the agenda
Companies reported an average 15% increase in their cybersecurity budgets over the past year. Humans are often the weakest link in the security chain.
Companies that invested in regular cybersecurity training for employees saw a 50% reduction in successful phishing attacks.
Business opportunities in the wake of cyber threats
Commercial opportunities for companies in information security are clear, as the demand for robust cybersecurity solutions is growing globally. This opens doors for Swedish tech companies in the security sector to expand internationally.
However, to meet the increasing threats, a greater focus on collaboration between companies, government institutions, and international actors is needed for a more coordinated response.
Rules and regulations are increasingly important
Regulations and laws are becoming more important. It is increasingly crucial to ensure that security systems align with new and existing regulations and laws, both within the EU and globally. Updates to cybersecurity directives (e.g., NIS 2) affect how companies should act to comply with requirements and reduce the risk of sanctions.
85% of the surveyed organizations are increasing their focus on compliance with data protection regulations, such as GDPR, highlighting the importance of maintaining security standards.
The importance of protecting personal data under GDPR and other legal requirements is emphasized, especially as the volume of data being handled continues to grow.
What to Expect
Companies expect that information security will increasingly be integrated into digital transformation and new technologies such as 5G, IoT, and cloud services. Many fear more and more sophisticated cyberattacks targeting critical infrastructure such as healthcare, the energy sector, and transportation.
The need to future-proof IT infrastructure to handle future cyber threats and the ever-changing technology landscape is highlighted. 78% of companies are collaborating with cybersecurity firms to enhance security, reflecting a trend towards shared knowledge and resources in the fight against cyber threats.
