Cybersecurity is no longer a single team’s objective or responsibility. With the increasing number of threats and IoT surface area, this has gone on to become a critical aspect of every organization’s business strategy.
In conversation with Günter Koinegg, Head of Cybersecurity Services Business Line, Eviden, part of Atos , we take a look at some of the key cybersecurity patterns that emerged in 2024, upcoming predictions for 2025, and how businesses can build their cyber resilience with full steam ahead.
As a distinguished leader in the cybersecurity space, Günter Koinegg is responsible for Atos’s global cybersecurity business line. He has played a prominent role in digital transformation for clients across the public sector, homeland security and defense customers across Europe. With more than 20 years of expertise under his belt, Günter is best poised to share insights and help us brace for what cybersecurity has to offer in 2025.
Dive in!
1) What were some of the hottest topics in Cybersecurity in 2024? Were any of these unprecedented and caught the community off-guard?
AI has already started to change the cybersecurity threat situation dramatically. Now, while the cybersecurity community had predicted this, organizations struggle to update their strategies quickly enough and may need cyber agility to balance their processes and investments as the threat landscape evolves.
In 2024, the quality of phishing attacks or deepfake attacks evolved far beyond what most experts expected. Additionally, factors such as the complexity of organizations’ IT ecosystems, which hinge on the verge of IT and OT, as well as the broader perspective of the supply chain security are bringing new challenges for our cybersecurity experts.
One clear learning is that ransomware is here to stay and now we face quadruple extortion ransomware attacks, which we need to handle going forward.
2) According to you, what are some cybersecurity trends and predictions that are going to take centerstage in 2025? Why?
We need to be prepared and develop our skills and competences accordingly. That said, cyber resilience and as well as implementation of regulatory requirements and minimum standards in cybersecurity will drive the industries, and us as an established and prominent service provider. New and ongoing challenges and evolving regulatory landscape will impact how organizations consume digital.
3) Which are the sectors most likely to be impacted by cybersecurity threats in 2025?
Given the geopolitical situation across the globe, all critical infrastructure providers, like the public and health sectors, or the energy sector, as well as our financial institutions are attractive targets for cyber attackers.
Those attacks could lead to large-scale effects that may even destabilize our system. On the other hand, those targets are also attractive to reach financial benefits of a higher scale.
4) How can organizations build flexible cybersecurity strategies for sustainability amid an ever-changing yet mandatory regulatory landscape?
While many organizations may be aware of the need to educate every single team member (not just specific IT and security teams), the real challenge is the disinterest from employees (what does this have to do with me?), lack of widespread knowledge (how can I help?), and especially ignorance about the first response protocol in times of an attack (we can’t do that?).
Statutory and mandatory regulations are not just for governance and compliance, but help keep our ecosystems safer, resilient and sustainable. And it is up to each of us to be a custodian or guardian of our organizational data.
5) What is your advice to client organizations and their CISOs to brace themselves and increase cyber resilience in 2025?
Invest in your cyber resilience and build on a zero-trust model in your organization. To ensure the success of cyber resilience, you need to adopt a risk-driven approach. This allows solution architects and developers to apply minimal techniques to reduce their topmost risks. How? Well, this requires specific and ongoing analysis on key risks, the best ways to reduce or eliminate them and how this can help build a sustainable business.
By focusing on cyber risk, organizations will know the weakness in their specific environment, and then allocate the right resources to prioritize high impact security controls. Following this, they can implement the right tailored safeguards. Select the right partner to run with you and for you. This can transform your integrated security monitoring and operation, leveraging from the economy of scale in intelligence but also technology.
6) How are Atos and Eviden enabling global leaders across the world as they embrace resilience in cybersecurity?
Atos and Eviden have proven that we are the right partner for our customers to protect their assets best against ever-growing cyberthreats and trends.
Once again, in 2024, we collaborated with the IOC to show that we are the right innovative partner to protect one of the world’s most anticipated events – the Olympic summer games, this year in Paris. We are proud of our expertise, our teams, and every member’s competency! We build on this and other main references to protect our clients against the ever-growing cyber risk.
