Facing up to cyber threats: what should organisations do?

Facing up to cyber threats: what should organisations do?

Orange Cyberdefense

Anna Barkvall at Orange Cyberdefense shares how a holistic view of risk management can help navigate business challenges while keeping the enterprise secure  

Guest contributor |


It’s not easy being responsible for enterprise security. Cyber threats are on the rise, and at the same time there are skills shortages, budget cuts and demands from new legislation such as the European Union’s second Network and Information Security Directive (NIS2).  

Recently, especially in Europe, there has been an increase in the number of cyberattacks that are linked to ongoing conflicts and political instability, and we have seen organisations lose years of data as a result. Many of these cyberattacks could have been avoided, or the impact minimised, if the right measures had been taken beforehand.  

Most organisations invest too little in security and too much of the budget goes to technical solutions. The budgets for working with security holistically throughout the organisation must be increased to avoid putting the digitisation journey at risk. 

New tools such as generative artificial intelligence provide further challenges, as any realistic-looking fabricated email has the potential to bring an IT security manager to their knees.  

We also cannot close our eyes to the fact that NIS2 is different from the original NIS directive. Corporate accountability is now officially part of the directive and far more European businesses are affected. The requirements are also stricter and sanction possibilities are substantial. 

So, what should organisations do?  

AI and NIS2 are the focus right now and organisations should take the opportunity to adopt AI tools such as Microsoft 365 Copilot to unlock new opportunities in security. However, to do this they need to allocate time and resources to ensure safe deployment, better control and reduced risk. In the process, they can also gain control of some of the NIS2 requirements. It’s a win-win. 

Security teams should also prioritise a holistic approach where security and risk management are integrated into the business and view security from all perspectives rather than relying solely on the technology.  

Anna Barkvall

Anna Barkvall is director of strategic programs for global portfolio management at Orange Cyberdefense 

This article was originally published in the Spring 2024 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription. 

Subscribe to the Technology Record newsletter


  • ©2024 Tudor Rose. All Rights Reserved. Technology Record is published by Tudor Rose with the support and guidance of Microsoft.