Cybersecurity strategies are failing

Cyber firm pleads with enterprises to wake up to the data security crisis before financial and legal fallout becomes catastrophic.

  • Tuesday, 22nd April 2025 Posted 1 month ago in by Phil Alsop

Certe has released two hard-hitting whitepapers exposing the harsh reality: businesses are pouring billions into outdated security models that do nothing to stop data breaches. Their research dismantles the illusion that network security protects enterprises and reveals the cold, hard truth: data is the only asset that matters, and companies are failing to protect it.

From the research, it was quick to conclude that despite the cybersecurity industry’s relentless push for firewalls, endpoint protection, and network monitoring, businesses are still being hacked. The reason? They’re guarding the wrong thing. Enterprises obsess over securing the perimeter while cybercriminals walk straight past their defences and steal what they came for: data.

Paul German, CEO of Certes, doesn’t mince words: “Cybercriminals do not steal networks, they steal data. Intellectual property, financial records, customer information, and trade secrets; these are the goldmines. A breach can happen without a single firewall being compromised, yet the business impact is catastrophic.”

He continues, "Data is now more valuable than cash, real estate, and even physical infrastructure. A manufacturing plant can be rebuilt, but once sensitive data is exposed, it’s gone forever. The explosion of ransomware, insider threats, and relentless regulatory crackdowns means a data-first security strategy is no longer optional, it’s survival.”

The statistics are alarming. IBM reports the average cost of a data breach hit $4.45 million in 2023, yet this is just the tip of the iceberg. The reputational damage, lost customers, and crushing fines under GDPR, CCPA, and other regulations can cripple a company overnight.

Traditional cybersecurity is stuck in the past, relying on perimeter-based security when businesses operate in a borderless, cloud-first world. Remote work, SaaS applications, and third-party integrations have shattered the concept of a “secure network,” leaving companies dangerously exposed. Worse still, insider threats and simple misconfigurations are often the cause of breaches, not elite hackers.

"The biggest lie in cybersecurity is that protecting the network protects your business," says Simon Pamplin, CTO of Certes. "Attackers are already inside. Employees, contractors, and even trusted partners can be the weak link. A zero-trust approach assumes breaches are inevitable, so the only way forward is to make stolen data useless.”

Certes is calling for enterprises to abandon failed security strategies and adopt a Data Protection and Risk Mitigation (DPRM) approach. By leveraging encryption, access controls, and zero-trust principles, businesses can render stolen data worthless, even if attackers get inside the network.

Paul German concludes, “The message is clear: securing networks is a fantasy. If businesses don’t rethink their cybersecurity priorities now, they’re not just at risk, they’re already compromised.”

AI is now the leading security concern

Posted 2 days ago by Phil Alsop
AI surpasses ransomware as the top concern, as organizations navigate the double-edged sword of innovation and risk.

Workforce crisis sparks debate over HR & IT merger

Posted 2 days ago by Phil Alsop
New study of global tech leaders finds IT leaders believe combining functions could boost productivity and engagement.
Cyware survey identifies significant gaps in internal collaboration, tool integration, and automation — with only 13% confident their systems...
Seventy-seven per cent of engineering leaders identify building AI capabilities into applications to improve features and functionality as a...

Data streaming enables AI product innovation

Posted 6 days ago by Phil Alsop
In the largest global report on data streaming, 89% say DSPs make AI adoption easier.
73% are investing in AI-specific security tools with either new or existing budgets.
Public sector organizations recognize the potential of AI for enhancing decision making, improving service delivery and driving operational...

AI calls for cyber resilience rethink

Posted 1 week ago by Phil Alsop
Unveiled at the RSAC™ Conference, the 2025 LevelBlue Futures Report finds only 29% of executives are prepared for AI-powered threats, despite...