In 2020, the world has experienced many challenges. Among them, hastened digitalization has brought new opportunities but also new risks. According to the World Economic Forum Global Risks Report 2020, cyberattacks rank first among global human-caused risks and Cybersecurity Ventures predicts that by 2021 cybercrime will cost the world $11.4 million each minute.
Growing dependence on technologies makes it vital for businesses to tackle these threats and increase their cyber maturity.
Trends in cybercrime
First, we need to analyse how the threat landscape has changed. There are certain trends that have recently become dominant in the cyber sphere:
According to Code42’s Data Exposure Report, 69% of companies admit they have encountered data leaks through malpractice of their own employees or subcontractors. Often, leaks occur because an employee has a poor understanding of the cyber hygiene basics rather than underlying evil intent.
Our research suggests that since January 2020, the number of targeted ransomware attacks has at least doubled. These complex attacks are the main threat for critical infrastructure companies. Criminals interrupt IT and business processes of victim organizations, hack into remote work services, encrypt business-critical systems and demand ransom for restoring operations or even blackmail their victims. The ransom figure is also growing and might reach $1 million.
Supply-chain attacks involve a threat actor gaining access to the target company infrastructure through an unprotected organization in the same supply chain. Such attacks are hard to detect and prevent. In their report, Sonatype experts warn that in the past 12 months the number of supply-chain attacks aimed at actively infiltrating open-source software increased by 430%.
These tendencies are challenging for critical infrastructure companies. Healthcare, finance, government agencies, manufacturing, IT and telecom are the most exposed to risk.
Finance sets an example of cyber maturity
Cybercriminals are motivated by money and data, and the banking sector has always been among the most favoured targets. Since their IT infrastructure opens a direct path to large sums of money, financial enterprises traditionally have considerable experience in securing their assets.
What makes financial institutions so cyber mature?
1. Top management involvement
CEOs of financial organizations are involved in cybersecurity to the greatest extent. Since banks are the most exposed to cyberattacks, top management cannot afford to ignore the security of customer data, their company’s money or reputation.
2. Information system access control
Identity and access management within information systems in the financial sector is very finely tuned owing to regulatory requirements and the banks’ own desire to keep their customer data safe.
3. Recovery and continuity plans
Financial organizations have the most developed aspects of business continuity, as a split-second of downtime could cost the bank millions. Besides, restoring the processes requires time and money and could lead to reputational risks and customer outflow.
4. Anti-fraud system
This system is used to analyse web transactions in search of signs of fraud. It collects user behaviour data and compares it with suspicious patterns for further approval or denial. This enables financial organizations to protect themselves and their customers against various attacks, such as social engineering.
Recommendations for enhancing cyber maturity
Cyber maturity is an issue that needs to be addressed on a daily basis. It is necessary to monitor the threat landscape and apply various solutions and approaches. Here’s how to enhance it:
Recognize cybersecurity as a strategic priority: with active digital transformation, it is necessary for a business to stay alert to digital risks, placing them alongside other threats in the company’s risk profile. These shall constitute the basis for a cybersecurity strategy, in which both the CEO and CISO should be involved.
Combine various approaches to increase cyber resilience: a proper combination of risk and crisis management helps companies to prepare for any emergency situations and mitigate the consequences successfully. A risk-oriented approach involves the introduction of pre-emptive measures and the definition of potential threats, while crisis management practices and recovery roadmaps make it possible to effectively respond to a crisis.
Teach your employees the basics of cyber hygiene: as long as your employees keep opening phishing emails or using weak passwords, the risk of being breached will remain high. Therefore, it is important to raise people’s cyber literacy by providing them with the necessary guidelines and improving their resistance to social engineering techniques through phishing simulations.
Improve the competencies of your experts: your technical specialists and developers can boost your company’s cyber maturity by participating in practical and interactive training sessions that feature hands-on examples and cases or attack simulations.
You can conduct in-house exercises or join a dedicated event. Cyber Polygon, an international online cybersecurity exercise, is one such event. This year, its participants practised incident response during a targeted attack. According to the final scores, the financial institutions and the IT sector demonstrated the highest resilience with a well-developed security assessment expertise.
Introduce additional methods of protection: the traditional approach to cybersecurity is most effective when supplemented with other methods. For example, “threat hunting” could be undertaken by conducting a proactive analysis of events gathered from network sensors to detect threats that evade traditional preventive security solutions.
Outsource cybersecurity issues to expert companies: to build a cyber resilient infrastructure, organizations need qualified specialists with relevant expertise and advanced equipment as well as substantial investments in staff training and technical maintenance. To avoid problems searching for staff and building an effective infrastructure, these tasks can be outsourced to external specialists, who have extensive experience handling various types of threats daily. Outsourcing is also less costly.
Cyber maturity is defined by a whole range of parameters. To keep up with the pace of technological progress, we have to raise it and the resilience of our businesses. It is only when we gain an in-depth understanding of the risks and start applying respective mitigation approaches that we will be able to overcome the challenge.
This article was originally published in the World Economic Forum.