Avoid shooting with a shotgun when it comes to cybersecurity

A Dark Threat Landscape

In a sea of security threats, ransomware attacks and cyberwarfare across industries and borders, determining how to spend the budget and what actions to prioritize when it comes to cybersecurity can be overwhelming.

The Center for Cybersecurity, part of the Swedish Armed Forces Intelligence Service, constantly monitors the threat picture against Denmark, and the conclusion is clear: it looks bleak. They publish an annual report on the subject, and in the latest edition they assess that:

“The threat from cybercrime is very high. The most serious cybercrime threat to Denmark comes from ransomware attacks. Cybercriminals' opportunities for collaboration, division of labor and specialization support the threat and help maintain the very high threat posed by cybercrime.”

In addition, 78% of the private and financial sector companies surveyed were exposed to phishing attacks in 2022. This is established by PwC's Cybercrime Survey, in which 518 business leaders, IT managers and specialists from Danish companies participated.

Weakest link in the chain

As an IT security manager, your primary task is to protect the security of your company's digital ecosystem. That's why it's important to be aware of potential vulnerabilities so you can address the three main pillars of cybersecurity: confidentiality, integrity and availability.

Confidentiality

  • Information remains in the right hands.

Integrity

  • Data cannot be modified in an unauthorized manner.

Availability

  • Systems and data are always available to authorized users.

Cybersecurity can be seen as a chain of links that together make up the company's degree of resilience against cybercrime threats, but a chain, as you know, is no stronger than its weakest link.

An example of this is that while advanced technology may be in place to protect systems and data, it is of no use if your users haven't received awareness training that equips them to avoid phishing attacks. The same applies to backups: a solution that keeps copies both online on disk and offline on tape in a safe is of little use if no restore tests are performed to validate that the data can actually be restored.

It is this identification of the weak links in the chain that can ultimately avert a potential disaster in the form of hacker attacks or ransomware. A holistic understanding is therefore essential in your work with cybersecurity, so that you cover every area and strengthen the weakest links.

Structure Your Cybersecurity with NIST

So, how best to go about it? An effective tool is certainly needed that makes it possible to find the weak links in the chain. In this way, you ensure the best basis for deciding which initiatives to launch.

A clear and effective way to reach the goal can be found at the US agency for standards and technology, NIST. They have developed a cybersecurity framework that offers a structured and complete approach to implementing cybersecurity measures in all kinds of organizations. The framework is now recognized as an industry standard and consists of five areas that companies and their IT managers need to master.

The five areas are:

Identify: Identify which assets and processes need to be protected and optimized.

  • Before even thinking about implementing various cybersecurity measures, it is important to have an overview of where they should be deployed. Therefore, one's security vulnerabilities must be highlighted and identified.

Protect: Implement the necessary measures to protect infrastructure and data.

  • Once the overview is created and the vulnerabilities are assessed, the gaps need to be patched. There is no room for cutting corners. Staff must be trained, processes must be adopted and infrastructure must be protected with the best technology. The chain is only as strong as the weakest link.

Detect: Monitor, detect and crack down on the places where incidents and cyberattacks occur.

  • Vulnerabilities have been identified. All necessary security measures have been implemented. But it is only now that the battle starts. Threats will constantly lurk just around the corner, but with intelligent infrastructure monitoring, as well as restrictions on who has access, it is possible to catch both external and internal enemies before they cause real trouble.

Respond: Have the skills and preparedness ready to respond to incidents and cyber attacks.

  • Although all the necessary measures have been taken, there are no guarantees when it comes to cybersecurity. So if and when the attack comes, the response must be quick and free of panic. This way you can minimize the impact of the attack and get back to normal quickly. However, it requires a competent team of IT specialists who are on call 24/7 and who know what needs to be done and who on the team is doing what.

Recover: Be able to restore data and systems with a complete backup strategy and restore plan.

  • Although everything possible in terms of capabilities and budget was done, the thugs nevertheless managed to penetrate and compromise the systems. The company is in tatters and you can choose to pay a lot of ransom in the hope of getting back on track. However, with a complete 3-2-1 (1-0) backup strategy, systems and data can be quickly recreated in order of priority. The loss is minimal and the thugs don't get a penny.

Equip yourself with a risk assessment

To avoid a shotgun approach when selecting measures to strengthen cybersecurity, we recommend conducting a complete risk assessment. It gives you a complete overview of the security situation in your digital ecosystem. A risk assessment delves into the NIST framework and assesses how well prepared you are in each of the 5 areas.

We recommend the following general approach:

1. Identification of critical assets

Assets such as business-critical systems and valuable data must be identified. Then they must be assigned a value and prioritized according to how critical the asset is.

2. Vulnerability assessment

Map the looming cyber threats and let them form the basis for evaluating any vulnerabilities that could lead to the realization of the threats.

3. Calculation of risk

Calculate your risk based on the assessment of the identified vulnerabilities. Each vulnerability is assessed in terms of the likelihood of the threat being realised and the consequence of the attack.

4. Report + Recommendations

Once the situation is mapped out, the results must be presented to the company's decision makers. Prepare a report with conclusions and recommendations that can be presented to management and decision makers for risk management and budgeting.
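The four steps above can be carried through a small risk register. The following is an added example, not part of the original article or its guide; the 1-5 scales, the likelihood × consequence product, the field names and the sample findings are assumptions made for illustration.

```python
from dataclasses import dataclass

FUNCTIONS = ("Identify", "Protect", "Detect", "Respond", "Recover")  # the five areas

@dataclass(frozen=True)
class Finding:
    asset: str          # step 1: critical asset
    criticality: int    # step 1: assigned value, 1 (low) to 5 (business-critical)
    function: str       # framework area the weakness belongs to
    weakness: str       # step 2: vulnerability that could realise a threat
    likelihood: int     # step 3: 1 (rare) to 5 (expected), assumed scale
    consequence: int    # step 3: 1 (negligible) to 5 (severe), assumed scale

    def __post_init__(self):
        if self.function not in FUNCTIONS:
            raise ValueError(f"unknown framework area: {self.function}")
        for name in ("criticality", "likelihood", "consequence"):
            if not 1 <= getattr(self, name) <= 5:
                raise ValueError(f"{name} must be between 1 and 5")

    @property
    def risk(self) -> int:
        return self.likelihood * self.consequence  # assumed scoring rule

def prioritise(findings):
    """Step 4 ordering: highest risk first, ties broken by asset criticality."""
    return sorted(findings, key=lambda f: (-f.risk, -f.criticality, f.asset))

def weakest_links(findings):
    """Highest-risk finding per framework area; None marks an unassessed area."""
    worst = {fn: None for fn in FUNCTIONS}
    for f in prioritise(findings):
        if worst[f.function] is None:
            worst[f.function] = f
    return worst

# Constructed sample register (illustrative values only).
REGISTER = [
    Finding("ERP database", 5, "Recover", "backups never restore-tested", 3, 5),
    Finding("Mail", 4, "Protect", "no phishing awareness training", 5, 3),
    Finding("File server", 3, "Detect", "no log monitoring", 3, 3),
    Finding("ERP database", 5, "Protect", "shared admin accounts", 3, 5),
]

if __name__ == "__main__":
    for f in prioritise(REGISTER):
        print(f"{f.risk:>2}  {f.function:<8} {f.asset}: {f.weakness}")
    for fn, f in weakest_links(REGISTER).items():
        print(f"{fn:<8} -> {f.weakness if f else 'NOT ASSESSED'}")
```

Areas reported as not assessed are gaps in the assessment itself and belong in the report to management alongside the scored findings.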

Guide: Make your own risk assessment

Are you ready to carry out a risk assessment? Download our guide and get inspired on how to work practically using our format, approach and visual scorecard.

Now that you know how a risk assessment can streamline your cybersecurity, we've created a guide on how to get started yourself.
