• Cybersecurity is more important than ever, as the cybersecurity attack surface grows daily. 
• An active cybersecurity culture is necessary and must include senior leadership participation and hands-on training for employees. 
• Businesses should be prepared for cybersecurity attacks by creating response plans and backing up their data. 

View the full session recording below.

In a conversation moderated by U.S. Representative Brenda Lawrence, Comcast Business’ Ivan Shefrin and former Governor Rick Snyder discussed the importance of cybersecurity in a business’ success during the 2025 Detroit Policy Conference. 

A Top-down Approach

With now more than twice as many machines and devices than people on the planet, cybersecurity is more important than ever. Despite cybersecurity differing between large and small and medium-sized companies, it’s necessary that each prioritizes its cybersecurity efforts. 

According to Shefrin, the cybersecurity attack surface is “growing dramatically every day,” with the surface including both people and machines. 

“Another big trend we see is that people are the weakest link. As the governor pointed out, it’s not just people. It’s people, process, and technology,” emphasized Shefrin. 

With people being the weakest link, it’s no surprise that an active cybersecurity culture is necessary. 

“If you look at most organizations, cybersecurity is never going to be their top priority unless you get hacked. You hope it’s never your top priority, but it has to be a priority. You cannot ignore it,” said Snyder. 

Snyder suggested creating a strong culture that involves training and awareness, building in a time circuit lag when reviewing emails ( i.e. hovering over email addresses before opening attachments), and ensuring that senior leadership is involved. 

Shefrin doubled down on involving senior leadership. “Cybersecurity starts at the top down,” said Shefrin. 

Be Prepared 

Shefrin’s number one piece of advice for businesses is to back up your data. Companies should practice backing up their data with a well-thought-out response plan. Second, businesses must have good network security. And third, multifactor authentication is a must to protect employee and company data. 

Incident response plans are typically overlooked, with only about one-third of organizations having a response plan in place, shared Snyder. 

2025 Cybersecurity Priorities  

With the rise of Artificial Intelligence (AI), phishing attacks are becoming more sophisticated and harder to identify. To keep up, companies are using AI in their cybersecurity efforts, leading to an AI arms race. 

Moving forward, businesses should prioritize cybersecurity. 

“We like to give a credit score to companies on their cyber health…only 6% of organizations are in the safer area. 94% are in the poorer area. We do need to start prioritizing cyber security,” emphasized Snyder. 

Shefrin echoed Snyder’s emphasis on making cybersecurity a priority in 2025, “The challenge really is that cybersecurity is a team sport…everyone should be aware and involved.” 

Upcoming cybersecurity trends include the weaponization of physical devices, like robotics and drones, quantum computing, and broken encryption algorithms. 

The conversation concluded with a warning from Shefrin, “They will go after anybody, including small businesses. I’ve seen it time and time again…so don’t think that just because you are small, they are going to ignore you.” 

Sponsored by Comcast Business