As the world becomes more digital with each passing day, cybersecurity threats will continue to grow at a rapid pace. Artificial intelligence has become the great accelerator of threat levels, as it can amplify the speed and sophistication of cyberattacks. High-profile breaches affecting major corporations have shown the consequences of inadequate security measures, which shows the necessity of having strong security measures.
Organizations must be able to more than simply respond to cyber attacks — it is important to anticipate them before they can cause damage. Cybersecurity expert Daniel Tobok has spent decades analyzing and addressing cyber risks. He can provide insights on how businesses can achieve Cyber Certainty™—a proactive approach prioritizing digital stability over-reactive crisis management.
Daniel Tobok
One of the most significant cybersecurity breaches in recent years occurred in 2023, when MGM Resorts International suffered a ransomware attack that disrupted its operations for more than a week. The attackers, allegedly part of the ALPHV/BlackCat ransomware group, exploited a social engineering vulnerability to infiltrate the company’s systems. The breach impacted hotel reservations, casino operations, and payment systems, ultimately costing MGM an estimated $100 million in lost revenue and recovery expenses.
A similar incident occurred in 2021 when T-Mobile suffered a breach, compromising the data of over 40 million customers. The attackers gained entry through an unsecured router, and they exposed names, Social Security numbers, and other personal data. In both cases, being more digitally diligent would have benefitted the companies.
“The greater the company, the greater the risk. That executive team is responsible for managing and maintaining the privacy and protection of its commercial data, customer data, intellectual property—its hidden genius, its proprietary magic,” says Tobok. “The more compromised that company becomes, given its digital existence, the greater the threat levels grow.”
The healthcare industry has also been a major target of cyber attacks. In 2023, HCA Healthcare, one of the largest U.S. hospital networks, experienced a breach that exposed the personal information of 11 million patients. Cybercriminals accessed patient names, addresses, and appointment details. Similarly, the 2023 ransomware attack on Change Healthcare disrupted medical claims processing nationwide. This shows how cyberattacks can go further than just exposing data and impacting services needed in daily work.
In April 2024, a major data breach affected Snowflake’s cloud platform due to insufficient security measures, including the absence of multifactor authentication. High-profile clients such as AT&T, Ticketmaster, and Santander Bank were impacted, with attackers linked to the Scattered Spider group exfiltrating terabytes of sensitive data.
Another attack occurred throughout 2024, as Chinese state-sponsored groups conducted extensive cyber-espionage campaigns. The Volt Typhoon group infiltrated U.S. critical infrastructure networks, positioning themselves to potentially disrupt services during geopolitical tensions. The Salt Typhoon group targeted U.S. telecommunications providers, including AT&T and Verizon, compromising metadata and communications of political figures.
Tobok’s philosophy of Cyber Certainty™ is all about staying ahead of the threat rather than responding in crisis mode. “For all of us, it means something to be a little bit more digitally diligent, but more importantly, cyber sensitive,” says Tobok. “Cybersecurity is all about, ‘The wolves are at the door. What do we do now?’ Cyber certainty, from Daniel’s perspective, is about being proactive. Rather than worrying about the response, why not build a moat, an electric fence—not just around the house, but a 20-mile radius from the house?”
The rise of AI-driven threats shows why businesses can not afford to view cybersecurity as merely an IT concern. It now affects everyone, and cyber threats will continue to evolve, and organizations must adapt accordingly. Businesses that cannot prioritize cybersecurity will find themselves vulnerable to financial loss, regulatory issues, and reputational damage. Thus, the shift toward Cyber Certainty™ is necessary for organizations and businesses.
