Cybercrime and the road to resilience.

Richard Robertson, Global Head of Information Security at Pro Global, looks at the current state of cybercrime and how its evolving nature is causing concern throughout the industry.

There’s no getting away from the fact that cybercrime is big business. Large scale attacks most notably come in the form of ransomware, where cyber criminals hack into a computer system, freeze and encrypt the user’s data, before demanding a ransom – usually in the form of crypto-currency.

In 2020 alone, it was reported that hackers received more than $350 million worth of cryptocurrency from cyber victims; a figure nearly three times as much compared to previous years.

The magnitude of these attacks has also increased; they are now sophisticated global events, set on bringing down technology service providers in the hopes of securing the biggest rewards.

The results can be highly disruptive, as seen with the recent cyber attack impacting payment systems including Coop supermarkets in Sweden. The attack was targeted on US-based IT service provider Kaseya, putting more than 1,000 businesses at risk and bringing a whole payment system down, with the true impact of the attack yet to be understood.

The latest prediction is that cyber-attacks will take aim at cloud-based SaaS platforms, encrypting cloud services and data; the most concerning of which – as reported by Forbes – is Ransomware 2.0.

 

Resilience is key


The frequency and scale of cyber-attacks are, without doubt increasing, and the focus for any organisation must be on resilience.

Insurance is one tool that companies turn to in order to improve resilience. And demand for cyber insurance has, unsurprisingly, rocketed. For insureds, not only do they need to get a better understanding and mitigation of their risk, but they need to get a handle on the exposure they are underwriting too.

In a previous article, I referenced how by 2022, the global cyber insurance market is projected to reach US$15 billion in value; current modelled cyber insurance pay-outs in the event of a significant cloud service provider outage, however, comes in at US$14.3 billion alone.

Mitigating cyber-attacks

However, the increasing sophistication of cybercrime can make it challenging to understand exposure to cyber risks and data breaches; however, the real vulnerability comes down to understanding a businesses’ cyber defenses and training, improving and preparing for an attack.

The solution to understanding and rectifying these weaknesses is through cyber audits. From risk assessments, user awareness training, security assessments, and even highlighting emerging threats and their preventive measures.

By understanding the risk, insurers can recognise what technology they – and their insureds – need to protect themselves. By undertaking regular cyber audits, insurance buyers can also demonstrate to their insurers the measures they have in place to counter the cyber threat – a demonstration that may prove useful in negotiating coverage terms and conditions.

Together with its expert cyber security partner, Cyber Security Associates, Pro conducts cyber audits for companies across sectors. To find out more visit https://pro-global.com/what-we-do/audit/cyber-audit/