Cyberattacks are a business. “Threat actors”, the individuals or groups seeking to do harm in cyberspace, keep investing in their operations and causing more damage because the return on investment (ROI) is tremendous. It is also a constantly evolving business model.
As Cybersecurity Awareness Month kicks off, people should protect themselves and their businesses by becoming familiar with cybersecurity’s most pressing issues, said Chetan Bhatia, Managing Director of Cyber Resilience and Engagement Management at Aon’s Global Cyber Solutions Practice (formerly known as Stroz Friedberg), in an interview with a weekly magazine.
“Once upon a time, there were attacks that affected very small parts of the environment. Back then, the amount of impact on an organization wasn’t as important as it is today. As it becomes digitized and interconnected, it becomes very complex,” Bhatia said.
According to cybersecurity experts, ransomware, business email compromise, and identity theft are among the most common cyberthreats for both the private and public sectors. In addition, new problems have surfaced as a result of workforce mobility, a trend of the last few years.
“There is a lot of movement in the workforce. We see a lot of insider threat issues with people taking data and intellectual property out of their organizations to new employers,” said Bhatia. An employee can email company information to a personal account, or export it to external cloud storage from their own device, to take sales lists and customer-specific information with them. This should be treated as a cyber-related data breach and handled with the same playbook as any other cyber threat.
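The two exfiltration paths just described (mail to a personal webmail account, uploads to consumer cloud storage) are routinely caught by correlating mail-gateway and web-proxy logs per user and per day. The script below is an added example, not code from the interview or from Aon; the log format, field names, domain lists, the 10 MB threshold and the list of departing users are all assumptions made for the illustration, and the log lines are constructed.

```python
"""Flag possible insider data exfiltration in constructed gateway logs.

Added example, not code from the interview or from Aon. The log format,
field names, thresholds and the departing-user list are assumptions.
"""
from collections import defaultdict
from datetime import datetime

# Constructed sample log lines (assumed format):
# timestamp | channel | user | destination | bytes
SAMPLE_LOG = """\
2023-10-02T08:15:00 | smtp | alice@example.com | alice.work.backup@gmail.com | 18500000
2023-10-02T08:20:00 | smtp | alice@example.com | partner@vendor.example | 120000
2023-10-02T09:05:00 | https | alice@example.com | www.dropbox.com | 95000000
2023-10-02T09:10:00 | https | bob@example.com | github.com | 4000
2023-10-02T11:00:00 | https | carol@example.com | drive.google.com | 250000000
2023-10-02T12:30:00 | smtp | bob@example.com | bob@example.com | 50000
"""

CORPORATE_DOMAIN = "example.com"                      # assumed
PERSONAL_MAIL_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com", "protonmail.com"}
CONSUMER_STORAGE_HOSTS = {"www.dropbox.com", "drive.google.com",
                          "onedrive.live.com", "mega.nz"}
BYTES_THRESHOLD = 10_000_000                          # 10 MB per user per day (assumed)
DEPARTING_USERS = {"alice@example.com"}               # assumed feed from HR of resigned staff


def parse_log(text):
    """Parse the pipe-delimited assumed log format into event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, channel, user, dest, size = [f.strip() for f in line.split("|")]
        events.append({"ts": datetime.fromisoformat(ts), "channel": channel,
                       "user": user, "dest": dest, "bytes": int(size)})
    return events


def is_external_personal(event):
    """True when the destination is a personal mailbox or consumer cloud storage."""
    if event["channel"] == "smtp":
        domain = event["dest"].rsplit("@", 1)[-1].lower()
        # mail to the corporate domain or to business partners is not flagged here
        return domain != CORPORATE_DOMAIN and domain in PERSONAL_MAIL_DOMAINS
    if event["channel"] == "https":
        return event["dest"].lower() in CONSUMER_STORAGE_HOSTS
    return False


def find_exfil_candidates(events):
    """Sum bytes sent to personal destinations per user and day; flag over threshold."""
    totals = defaultdict(int)
    for e in events:
        if is_external_personal(e):
            totals[(e["user"], e["ts"].date())] += e["bytes"]
    findings = []
    for (user, day), total in sorted(totals.items()):
        if total >= BYTES_THRESHOLD:
            # a departing employee moving data is the case the interview describes
            severity = "high" if user in DEPARTING_USERS else "medium"
            findings.append({"user": user, "day": day.isoformat(),
                             "bytes": total, "severity": severity})
    return findings


if __name__ == "__main__":
    for f in find_exfil_candidates(parse_log(SAMPLE_LOG)):
        print(f"{f['severity'].upper():6} {f['user']} {f['day']} "
              f"{f['bytes']:,} bytes to personal destinations")
```

On the constructed input the script flags alice (mail to a Gmail address plus a Dropbox upload, and on the departing-user list) as high and carol (a large upload to Google Drive) as medium, while bob's small mail to himself and his GitHub traffic are ignored. In practice the departing-user list should come from the HR system so the alert fires during the notice period, when the interview says most of this data movement happens.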
Risk management
Risk management varies from company to company and from industry to industry, and purchasing the latest prevention systems and controls is not enough. “What a lot of organizations do is buy the best or brightest new tool out there. They tend to buy it because they feel it will do the job. What I tell my clients to do is understand risk; it’s all about risk management,” Bhatia explains.
Clearly, a manufacturer’s risk is very different from that of a healthcare system or any other entity, and it is difficult to manage risk without knowing your business’s key exposures and what threat actors are actually doing in your industry. Below are Bhatia’s recommendations for understanding and addressing the risks to your business; as cyberattacks continue to evolve in complexity and frequency, they are worth following.
The first step is to identify risks. “You need to identify risks and understand your critical assets and vulnerabilities. What are attackers doing and how are they compromising your information? This is the first step to cyber preparedness,” Bhatia says.
Second, as organizations deploy strategies and programs that leverage people, processes, and technology to address cyber risk, they need to test whether what they are doing is actually effective. “You have to simulate what an attacker is doing (tools, methodologies, tactics) and actively leverage them to determine if there are any weaknesses in your environment,” he continued.
But implementing a strategy once is not enough. The third step is continuous improvement within the organization. Bhatia advises clients to simulate incidents or conduct tabletop exercises in which everyone discusses how to approach and deal with different possible scenarios.
The fourth step is to quantify risk. Organizations need to understand the economic impact of a cyberattack. That means understanding the economic risks of the cyberattacks specific to their industry, investing enough to mitigate those risks to a level the company finds acceptable, and having an effective response strategy that limits business disruption. As Bhatia put it, “It’s not a question of when.”
Industries at risk
All industries are potential victims. Industries such as finance, banking, healthcare, and retail are highly regulated, which means they are expected to have a cybersecurity program with defined controls and to maintain good “cybersecurity hygiene.”
Industries such as manufacturing and construction have become far more dependent on technology than in the past, but regulation has not kept pace. So if attackers can disrupt a global manufacturer, they can often get what they demand.
“They are losing $1 million a day and the attackers are demanding a ransom of $10 million [to restore functionality]. On the fourth day or so, the executive team will consider paying the extortion amount if it helps solve the problem,” Bhatia suggested as a highly likely scenario.
The recent ransomware attack against CommonSpirit Health rattled the entire healthcare industry, prompting leaders to re-examine their own cybersecurity programs. “This kind of attack happens to the best of us. The attacker only has to get it right once. If something happens, or we have a configuration issue, and the attacker is determined, they will stay the course until they get in,” Bhatia said.
As that scenario shows, a successful attack on an organization does not mean it failed to take appropriate precautions. “It’s imperative that organizations in any industry stay aware of what’s going on in their industry,” Bhatia warns. Organizations should maintain relationships with incident response firms and monitor threat intelligence sources to understand what is happening.
The cost of cyberattacks
The cost of defending against cyberattacks depends on the potential economic impact of a successful one, so before a business can insure itself sensibly against attacks, it must estimate what a successful attack would cost.
Cyber insurance is a necessary safeguard, but premiums are rising as attacks become more expensive. Only a few years ago, before the wave of claims and large losses, cyber insurance was fairly cheap; that is no longer the case.
“In the cyber insurance market, a lot needs to be done for an organization to have adequate protection. Now insurers want certain controls in place before an organization can qualify,” Bhatia said. “The market is really tough right now. Without the appropriate controls that insurers are focusing on to mitigate ransomware and other cyber-related risks, and without the ability to respond quickly, there can be unintended consequences for organizations.”