Expanding cyber threats require stronger defences

In 2020, the National Cyber Security Centre (NCSC) in Switzerland received 10,833 reports of cyber incidents. This increase over previous years was largely driven by phishing attempts, ransomware, and other fraud-related attacks, especially as cybercriminals exploited the surge in digital activity during the COVID-19 pandemic.

By 2023, incidents had surged to 49,379 cases – more than quadrupling since 2020 and representing a 30 percent increase on 2022. As these figures only include the incidents reported to the NCSC, the actual number of attacks may have been higher.

While attacks are diverse, ransomware remains a major concern, with small and medium-sized enterprises (SMEs) increasingly targeted. Larger organizations are now quite well protected against cyber-attacks, smaller businesses thus have become the focus of criminals, resulting in greater losses. This trend underscores the expanding cyber threat landscape and the importance of adopting advanced security solutions, such as those offered by cloud computing, to improve cyber resilience.

Cyber resilience – the ability of an organization to prepare for, respond to, and recover from cyber threats – is essential for SMEs to protect sensitive data, maintain customer trust, and ensure business continuity. Cyber-attacks can cause significant financial loss, reputational damage and operational disruption. Improving cyber resilience is therefore not just a technical necessity, but a strategic imperative for long-term success.

Cloud as an enabler of cyber resilience

Cloud computing offers significant advantages to help SMEs strengthen their cyber resilience. Cloud providers invest heavily in security and provide advanced tools such as encryption, identity and access management, multi-factor authentication, and continuous monitoring. These features deliver more robust protection against cyber threats than many on-premises solutions.

Additionally, cloud services enable businesses to scale IT resources up or down based on demand, allowing security measures to be adjusted in real-time in response to emerging threats without the need for substantial upfront investment. Cloud computing also ensures reliable disaster recovery, with regular data backups that can be quickly restored in the event of a cyber-attack or other disruption, minimizing downtime and data loss.

Furthermore, cloud providers often offer tools and services to support compliance with industry regulations and standards, simplifying the process of meeting requirements and reducing the risk of non-compliance penalties.

The cost efficiency of cloud-based cybersecurity

Implementing robust cybersecurity has traditionally been costly, especially for SMEs, requiring substantial investments in hardware, software, and skilled personnel. The cost for servers, security software, and specialized IT staff can quickly add up and become a financial burden. Also, ongoing costs for updates, patches, and system upgrades – as well as training to keep IT staff current with evolving threats – can be unpredictable and difficult to manage, especially for businesses with limited budgets.

Cloud computing offers a cost-effective alternative, enabling SMEs to access advanced security features through cloud service providers as part of a subscription and eliminating the need for large upfront investments in separate security solutions. By reducing reliance on physical hardware and maintenance, SMEs can allocate resources more efficiently. The pay-as-you-go model allows businesses to scale security measures as needed, paying only for what they use – a flexibility that simplifies cost management. In addition, cloud providers continually update their security infrastructure, allowing SMEs to benefit from the latest advancements at no further cost.

In summary, cloud computing significantly reduces the cost of cybersecurity and provides SMEs with scalable, up-to-date security solutions. This cost efficiency lets businesses focus on growth and innovation while maintaining strong cyber resilience.

Compliance and assurance in the cloud

In today’s digital landscape, stakeholders and regulators expect companies to ensure the security and resilience of their IT operations, including cloud environments. Cloud technology enables SMEs to meet these requirements by providing access to advanced security features and tools that simplify the implementation of comprehensive IT security frameworks, helping them align with industry best practices and regulatory requirements. This readiness strengthens trust and credibility in their cybersecurity commitments. By adopting cloud technology, companies can effectively showcase their strengthened cyber defenses and robust IT security frameworks.

Discover more in our recent article:

Unlocking Sustainability with Cloud

How PwC can help

As revealed in our recent study, “The 2024 PwC Study: Redefining the Audit – The Impact of Digitalisation in Finance and Accounting”, transparency and assurance are essential to building trust in cloud operations including cybersecurity. Establishing robust IT security measures, conducting regular audits, and providing continuous monitoring solutions are crucial to safeguarding cloud environments. Collaborating with experts enables organizations to navigate the complexities of cybersecurity, ensuring resilience and trust in operations.