Every day, tech companies face thousands of attempted cyberattacks. How should you protect your business?
By Kevin Hyde

Cybersecurity threats are an inescapable part of doing business. Tech companies will frequently be targeted by thousands of attempted cyberattacks each day. And in an era of AI and ever-expanding vendor relationships, the risks are only growing.
How should you prepare your business to defend against this torrent of cyberthreats? Keep reading to find out.
AI and data-sharing mean cyber risks are growing
Today, tech companies face more cybersecurity threats than ever. More AI-written code increases the risk that security holes go undetected, while cybercriminals are using AI tools to exponentially increase the volume of their attacks. And as more data than ever gets shared with vendors, your company can now experience the fallout from a data breach even if your own systems are never compromised.
Watch out for:
• AI-powered attacks: AI makes it easier to carry out attacks like phishing scams, as attackers can use AI to send out a high volume of professional-looking, personalized emails to steal credentials. AI has also lowered the barrier to entry into cybercrime, with individuals who lack coding skills now able to launch attacks.
• Poorly written AI code: Most coders have now adopted AI coding tools to increase their productivity. However, AI-written code is often rushed into service without sufficient human review or other due diligence, which means it carries a higher risk of containing unknown security flaws for an attacker to exploit.
• Vendor data sharing: Because most tech companies now use many SaaS products or otherwise share data with vendors, you have to worry about your vendors’ cybersecurity on top of your own. A vendor data breach can expose your customers’ data and your business to the consequences of the breach — even if you’ve done everything right on your end.
• Practice attacks: Companies that assume they’re not big enough to be worth going after should know that smaller businesses are often used as practice opportunities by cybercriminals to test techniques before moving on to a larger target.
• Cybercriminal relationships: Bad actors have client and vendor relationships too. Consider that your company could be attacked by a hacker simply seeking to demonstrate their capabilities to a potential client or attempting a data breach on behalf of another individual or group.
What are the potential risks of a major data breach?
The most damaging data breaches occur when someone gains insider credentials to access your core systems. This typically occurs through a phishing scam, which, if successful, often means an attacker can spend months combing through your data before anyone notices.
In fact, the average data breach lasts 220 days and can result in data theft, financial damages, regulatory action and reputational harm.
Look out for both financial and reputational damages
If your core systems get breached, you risk being exposed to damages like:
• Sensitive internal and customer data stolen and sold on the black market
• Ransom payments starting at $60k
• 2-3X higher cybersecurity insurance premiums
• Regulatory action, including $500k+ fines
• Reputational damage and customer loss
• Additional costs to resecure your systems after an attack
Ransomware attacks can add additional costs
Ransomware attacks, in which an attacker gains access to your systems and then locks you out until you make a ransom payment, can be especially costly. Expect to pay a ransom in the range of:
• $60,000 for small businesses
• $500,000 for midsize companies
• $1.5 million for larger firms
Attackers base their ransom demands on finding a number that’s likely tolerable from a cash flow perspective: High enough to be worth it to them, while not so high that you simply can’t afford to pay.
Better cybersecurity comes from thinking about risk, not just compliance
It’s tempting to approach cybersecurity through the lens of compliance. Review your specific regulatory requirements, check off the boxes by implementing HITRUST or passing a SOC audit and then move on.
However, that approach leaves you unnecessarily exposed to both financial and reputational harm. Compliance standards usually lag behind evolving threats, which means you can cross every regulatory T and still have significant holes in your defenses.
That’s why more companies are adopting a risk-based approach to cybersecurity. Risk-based cybersecurity involves going beyond compliance to map out your specific threats and then prioritize managing them based on risk levels.
This can allow you to implement additional defenses to reduce your potential repercussions should you suffer an attack.
How do you implement a risk-based cybersecurity approach?
Risk-based cybersecurity involves implementing a strategy called defense-in-depth. Thisapproach essentially relies on creating multiple layers of protection so that a single point of failure doesn’t automatically lead to a breach of your systems.
With a defense-in-depth approach in place, you can often stop an attacker even after they’ve broken through one or more of your defensive layers. Defense-in-depth also involves weighing the likelihood of a given attack tactic. It’s impossible to be strong everywhere, but prioritizing defenses based on the risk they’ll actually be needed gives you a better shot at being strong where you need to be.
Here are the top action steps to help your business implement a risk-based cybersecurity approach that incorporates defense-in-depth:
1. Work with a cybersecurity advisor
Tech companies that don’t have a 10+ person in-house cybersecurity team will typically benefit from advisory support. A cybersecurity advisor can help you upgrade to a risk-based approach and apply strategies like defense-in-depth to protect your business.
2. Know your points of failure
Map out your points of failure, like a key team member opening a phishing link or a breached firewall. If you know where you’re vulnerable, it will be easier to adjust your controls, governance policies and other defenses to account for your weak spots.
3. Don’t add tools or systems you don’t need
Every new SaaS product or AI tool you add to your workflows creates a new potential attack vector as you begin sharing data with yet another vendor. So don’t start using a new tech tool just because it’s shiny — consider whether there’s real business value there before proceeding.
4. Limit network access for your team (including your C-suite)
Anyone with higher-than-necessary network security credentials represents a potential security gap, so make sure your team members have only the minimum level of network access they need to do their jobs. This goes double for your C-suite, which often has unnecessary access and may be frequently targeted in phishing scams.
5. Speed up breach detection with AI monitoring
It’s essential to have 24/7 network monitoring to watch for a breach. New AI tools can make this even more effective by detecting potential dangers even faster, allowing your team to quickly respond.
6. Do your vendor due diligence
Remember, if one of your vendors gets hacked, your data (and your customers’ data) may be exposed. Do careful due diligence on both new and existing vendors to help ensure they have implemented a responsible cybersecurity posture.
7. Establish governance policies and trainings
Your people are typically your biggest cybersecurity risk factor. To prevent your team members from exposing your data to unauthorized tools, set up clear governance policies, including those around AI use. You also need to provide regular cybersecurity training on phishing scams and other major threats and conduct tabletop exercises so your key stakeholders can practice responding to an active attack.
8. Use MFA
If you’re still not using multifactor authentication (MFA) on your core systems, now is the time to start. You’re better off using an authenticator app rather than a code sent by text message or email, as the latter method is easier for an attacker to overcome.
9. Back up your data
A worst-case scenario like a ransomware attack or a strike by a nation-state actor hell-bent on causing chaos) could leave you locked out of your systems and unable to access your data. To protect yourself here, frequently back up your data so that even if an attacker decides to wipe your systems, you’ll be able to get back up and running more quickly and less painfully.
Think of cybersecurity as a journey, not a single event
Finally, just be aware that you don’t have to install a bunch of new defenses all at once. You’ll be better off if you think of cybersecurity as an ongoing process or journey.
In fact, small but consistent actions to improve your security — like phishing and governance training and regular data backups — will often do more to protect you than a single big upgrade. If you and your team embrace this mindset, your business will be more secure.





