Cybersecurity strategies are failing

Cyber firm pleads with enterprises to wake up to the data security crisis before financial and legal fallout becomes catastrophic.

  • Tuesday, 22nd April 2025 Posted 1 year ago in by Phil Alsop

Certe has released two hard-hitting whitepapers exposing the harsh reality: businesses are pouring billions into outdated security models that do nothing to stop data breaches. Their research dismantles the illusion that network security protects enterprises and reveals the cold, hard truth: data is the only asset that matters, and companies are failing to protect it.

From the research, it was quick to conclude that despite the cybersecurity industry’s relentless push for firewalls, endpoint protection, and network monitoring, businesses are still being hacked. The reason? They’re guarding the wrong thing. Enterprises obsess over securing the perimeter while cybercriminals walk straight past their defences and steal what they came for: data.

Paul German, CEO of Certes, doesn’t mince words: “Cybercriminals do not steal networks, they steal data. Intellectual property, financial records, customer information, and trade secrets; these are the goldmines. A breach can happen without a single firewall being compromised, yet the business impact is catastrophic.”

He continues, "Data is now more valuable than cash, real estate, and even physical infrastructure. A manufacturing plant can be rebuilt, but once sensitive data is exposed, it’s gone forever. The explosion of ransomware, insider threats, and relentless regulatory crackdowns means a data-first security strategy is no longer optional, it’s survival.”

The statistics are alarming. IBM reports the average cost of a data breach hit $4.45 million in 2023, yet this is just the tip of the iceberg. The reputational damage, lost customers, and crushing fines under GDPR, CCPA, and other regulations can cripple a company overnight.

Traditional cybersecurity is stuck in the past, relying on perimeter-based security when businesses operate in a borderless, cloud-first world. Remote work, SaaS applications, and third-party integrations have shattered the concept of a “secure network,” leaving companies dangerously exposed. Worse still, insider threats and simple misconfigurations are often the cause of breaches, not elite hackers.

"The biggest lie in cybersecurity is that protecting the network protects your business," says Simon Pamplin, CTO of Certes. "Attackers are already inside. Employees, contractors, and even trusted partners can be the weak link. A zero-trust approach assumes breaches are inevitable, so the only way forward is to make stolen data useless.”

Certes is calling for enterprises to abandon failed security strategies and adopt a Data Protection and Risk Mitigation (DPRM) approach. By leveraging encryption, access controls, and zero-trust principles, businesses can render stolen data worthless, even if attackers get inside the network.

Paul German concludes, “The message is clear: securing networks is a fantasy. If businesses don’t rethink their cybersecurity priorities now, they’re not just at risk, they’re already compromised.”

UK's pragmatic approach to AI automation prioritises pre-built solutions over bespoke development, contrasting with US's costlier custom-centric...
Certification's true value lies beyond speed, focusing on continuous system improvement for genuine resilience.
Evolve IP's recent session in Rotterdam brought UK and Dutch partners closer to foster collaboration and growth within the tech industry.

NetApp reveals StorageGRID 12.1 to enhance AI workloads

Posted 4 days ago by Sophie Milburn
NetApp releases StorageGRID 12.1, enabling better management of AI workloads across distributed environments.
The UK government has announced funding for new AI labs focused on reliability and efficiency, with collaboration planned between researchers and...
Exploring the critical role of trustworthiness in AI for CSPs and how it affects the future of autonomous enterprises.
Toby Weiss steps in as CEO of Securonix, aiming to enhance security operations amid evolving threats.
Exploring the shortcomings in AI governance and the potential avenues for managed service providers to bridge the gap between confidence and control.