Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
| (844) 627-8267

Lessons from the world’s costliest corporate cyber attacks | #cybercrime | #computerhacker

Cybercrime is not an issue that is likely to disappear any time soon. During the course of 2023, according to Statista, the number of cyber incidents reported by UK businesses rose by more than a third. In 2022, 28% of businesses said they identified one breach or attack in the previous 12 months, compared to 21%. Indeed, the UK is the economy most at risk of cyber attack, according to one recent survey.

This is backed by a number of recent high profile attacks, such as the ransomware attack on the Guardian newspaper in December 2022. Following a ransomware attack on Royal Mail in January 2023, one estimate put the global cost of cybercrime at £8 trillion a year. If it was measured as a country, cybercrime would be the world’s third largest economy after the US and China.

“One of the big drivers in this massive rise in cybercrime is that the barrier to entry is becoming much lower,” says Richard Brinson, chief executive of cybersecurity consultancy Savanti. “Cybercrime is being commoditised; there are websites where you can create your own ransomware and they will take a commission from the ransom that is paid.” AI technologies such as ChatGPT are also making it easier to “create artefacts that support cybercrime”, such as a realistic phishing email.

Brinson has identified five common mistakes leaders make when it comes to tackling cyber crime, as well as some possible solutions.

Mistake 1: Failure to prepare and practice

There are multiple elements to prepare for, he says. Having good protection in place, such as firewalls or email security, is simply not enough. Their effectiveness must be rigorously tested, but most companies only carry out a ‘penetration test’, whereby an external cybersecurity company will test these defences once a year.

Instead, companies should carry out ‘continuous testing’ of their security defences, to see if they are still up to the job. “This is where we see companies fail; they think they’re doing a good job because they have loads of firewalls or controls, but the ability to detect a breach once it happens is generally pretty poor.”

If all security features are working properly, once a breach has been detected companies must respond correctly – which doesn’t involve calling the police.

“You need to have an internal team that knows how to mitigate and contain the threat in order to recover. If the worst happens and you lose your data, you need to know how to get it back. The key message is practice, practice, practice.”

Mistake 2: Communications failures

It should come as no surprise that communication is key when it comes to managing a cybersecurity incident. Handled badly, it can ruin a company’s reputation. There are multiple levels of necessary communication, Brinson says, starting with internal communications. Bearing in mind that during a cyber security breach, a company’s email systems might be down, so leaders will need to have other options in place for internal communication, such as a WhatsApp group.

For customer communications, leaders will need to think about what telephone system to use and whether they have the right teams in place to manage those calls. “You need to expect to have hundreds and thousands of calls that your call centres may not be set up for. You’ll need to be able to direct customers to your websites, sometimes in multiple languages.”

Leaders must also define how they will communicate with the media, including who will take on the role of spokesperson. Once this has been decided, they must then drive home a consistent message.

Mistake 3: Not fostering a culture of openness and accountability towards cyber risks

“We’re now seeing people facing criminal charges for not doing their job well enough. There was a big case in the US where the Uber chief information security officer was involved in the cover-up of a customer data breach,” says Brinson. While that executive narrowly avoided a jail term – he received three years probation – large fines can be levied for “overstating the level of controls the company had in place to investors and underplaying, or not disclosing, certain risks they internally knew about”.

There’s no room for plausible deniability, he adds, especially as most cyber risks are usually reported to whoever is head of technology. “This creates a real conflict of interest where to do your job well you may have to throw your boss under the bus, which is culturally not easy.”

While Brinson accepts that many are not comfortable admitting their mistakes to senior management, cultivating a culture of openness should be a top priority for senior leaders – not just the cyber team. Employees should be encouraged to identify risks and then subsequently be rewarded.

Mistake 4: Not having the right talent within the cyber team

Brinson believes there are some three million unfilled vacancies globally within cyber security, creating a bidding war for talent.

“Salaries are rising so quickly that people will move jobs quickly, because they know that within a few years they could get 50% more than where they are.” These same people are also building up knowledge about your business, he adds, putting your organisation at risk when they leave and take that knowledge with them. The focus, Brinson believes, needs to be on encouraging more people to enter the industry, either “at grassroots level, university or business school level”.

“There’s also a leadership challenge; cyber security is a relatively new discipline, but is very quickly becoming an issue for boards of directors. Compared to HR or finance, disciplines that have been around for a long time and have become well known subject matters, cyber doesn’t have as much of that. Now, however, you’ve suddenly got people who are sort of experts, but not business leaders, being thrust into the boardroom. How do these people communicate? Can they speak the language of the board?”

Mistake 5: Inadequate board governance of cyber

The board needs to be receptive and prioritise cyber security. “We’ve seen a really great increase in the priority that cyber security has been given. Whenever I speak to a client, cyber is one of their top three risks and it’s something that is discussed in the boardroom.”
Where companies are falling down, Brinson says, is that boards fail to grasp that they cannot govern something they don’t understand.

Someone either on the board or externally advising it needs to understand the nuances of cyber security, otherwise “you’ll be in a world of trouble because you can’t validate what you’re being told”.

This can lead to a false sense of security, as no one would be able to challenge the ‘expert’ on what they are saying. An external expert is needed to coach board members in the ways of cyber security, such as interpreting reports and statistics.


Click Here For The Original Source.