BY Richard Summerfield

Cyber threats are evolving all the time, and while cyber criminals become more sophisticated and better equipped, it is the responsibility of companies to ensure that they are well prepared for any attacks. Yet, according to a new report from Alert Logic, many organisations lack confidence that their systems can withstand an assault.

The ‘Threat Monitoring, Detection and Response Report’ notes that companies are increasingly under attack from ransomware and phishing, and frequently experience data losses (these are the three biggest concerns for companies). Yet many cyber security executives in the UK are unconvinced that their company’s overall security posture is adequate.

Just 42 percent of the 400 executives surveyed indicated that they were moderately confident about their company’s ability to repel an attack. Thirty-two percent of executives felt that their company was more likely to experience a cyber breach in the next 12 months, compared to a year ago. Twenty-nine percent believed a breach was less likely, 22 percent did not expect the threat to change and 17 percent were unsure.

Many companies expressed concern about their ability to resist attacks. Primarily, executives believed that a lack of budget (51 percent), a lack of skilled personnel (49 percent) and lack of security awareness (49 percent) were the most significant obstacles facing security teams and the biggest barriers companies face when trying to defend themselves from attack.

Insiders are another growing concern for respondents. Fifty-four percent of those surveyed perceived a growth in these threats over the past year. Indeed, inadvertent insider breaches were cited as the biggest internal threats companies faced (61 percent). Insufficient user training contributed considerably, with 57 percent of respondents claiming that improving training would help overcome internal threats.

Yet despite the increased profile of cyber threats in the media, many cyber security executives do not expect to see their budgets increase substantially. Only 32 percent expect to get more, while 9 percent expect to receive less and 54 percent anticipate the same level.

A number of organisations are utilising threat intelligence platforms to respond to attackers.  Forty-seven percent of respondents reported that they were deploying open-source threat intelligence. Thirty-seven percent claimed that they uses a range of commercial vendors. Forty-nine percent claimed that the use of threat intelligence platforms had a positive impact on reducing data breaches.

Report: Threat Monitoring, Detection and Response Report

BY Richard Summerfield

Despite an increase in the number of cyber attacks and data breaches over the last 12 months, including a number of high profile cyber events, there has been a decline in how seriously C-suite executives view cyber risk, according to a report from Zurich and Advisen Ltd.

In ‘The Seventh Annual Survey on the Current State of and Trends in Information Security and Cyber Risk Management’, 60 percent of the risk professionals surveyed said executive management view cyber risk as a significant threat to their organisation. However, this is down significantly from the 85 percent recorded in 2016.

The eroding of the importance of cyber security issues among senior management is a worrying trend, particularly in light of the number of cyber incidents recorded over the last 12 months, as well as the volume and value of the data stolen.

According to the report, only 53 percent of respondents knew of any changes to their companies’ cyber security systems in response to the high-profile attacks that took place in early 2017. Furthermore, growth in the purchase of cyber insurance has gone stagnant after a steady six-year increase from 35 percent to 65 percent.

“These findings may indicate that businesses are not up to speed on the magnitude of impact that business interruption losses are beginning to have on businesses,” said Erica Davis, head of Specialty E&O for Zurich North America. “Businesses must adopt a mindset of resilience that extends beyond the four walls of their organization. As cyber security breaches persist, it is more critical than ever to engage in an ongoing, comprehensive review of all business partner relationships including how those vendors and business partners approach their own exposures and controls and how the vendors’ supplier approach fits into their overall resilience plan.”

A total of 315 respondents, across a spectrum of businesses of all sizes, contributed to the report. Fifty-six percent of respondent were from companies with revenue of $1bn or less.

Report: The seventh annual survey on the current state of and trends in information security and cyber risk management

BY Richard Summerfield

Given the increasing sophistication of cyber criminals and the potential risks faced by companies that fall victim to attack, cyber security has become a hot topic in recent years. According to a new report from the President’s National Infrastructure Advisory Council (NIAC), however, cyber defences in the US are not currently fit for purpose.

The report, 'Securing Cyber Assets: Addressing Urgent Cyber Threats to Critical Infrastructure', was based on reviewing hundreds of previous studies plus interviews with 38 cyber experts, who were mostly in the financial services and electricity sectors.

The NIAC, which was created in the aftermath of the 11 September 2001 attacks in the US, is charged with the task of advising the Department of Homeland Security on the security of US critical infrastructure against any form of attack, be it physical or cyber based. It believes that cyber security provisions in the US are currently experiencing a pre-9/11 moment. According to the report, if more is not done to protect the country’s critical infrastructure, such as the financial system or electric grids in the US, both the government and private industries run the risk of missing a “narrow and fleeting window of opportunity before a watershed, 9/11-level cyber attack".

The report notes: “Cyber is the sole arena where private companies are the front line of defence in a nation-state attack on US infrastructure. When a cyber attack can deliver the same damage or consequences as a kinetic attack, it requires national leadership and close coordination of our collective resources, capabilities, and authorities."

The NIAC has proposed 11 specific recommendations to shore up the country’s cyber security defences. Chief among these is establishing specific network paths designated for the most critical networks, which would include dark fibre networks for critical control system traffic and reserved spectrum for backup communications during emergencies. The NIAC also recommended private organisations and government bodies improve their threat information sharing. In addition, the government should provide incentives for any hardware upgrades performed, as well as establish a centre of excellence which will showcase best-in-class tools across the industry and provide a test bed environment for companies to test and evaluate new software, among others.

“We believe the US government and private sector collectively have the tremendous cyber capabilities and resources needed to defend critical private systems from aggressive cyber attacks – provided they are properly organized, harnessed, and focused. Today, we’re falling short”, the report suggests.

Report: Securing Cyber Assets: Addressing Urgent Cyber Threats to Critical Infrastructure

BY Richard Summerfield

The cyber security landscape is increasingly fraught with danger. Attacks such as the ‘WannaCry’ cryptoworm, have been headline news in recent months. According to the Cyber Threatscape Report 2017, produced by iDefense, part of Accenture Security, there will be a continuation escalation of the high profile attacks seen in the first half of 2017. As such, companies must be prepared to take action.

“The first six months of 2017 have seen an evolution of ransomware producing more viral variants unleashed by potential state-sponsored actors and cybercriminals. Our findings confirm that a new bar has been set for cybersecurity teams across all industries to defend their assets in the coming months,” said Josh Ray, managing director at Accenture Security. “While the occurrence of new cyber attack methods is not going away, there are immediate actions companies can take to better protect themselves against malicious ransomware and reduce the impact of security breaches.”

According to the report, cyber criminals are rapidly expanding their capabilities, due to factors such as the proliferation of affordable, customisable and accessible tools and exploits. Attack vectors, such as distributed denial of service-for-hire services are likely to become much more widespread as cyber criminals, both individual and state-sponsored, look for new ways to disrupt the landscape.

The report suggests that to improve cyber defences, companies should consider adopting an email analytics platform in the cloud, as well as authentication tools and spam filters. They should also update and test cyber resilience plans, and impose administration rights restrictions on local workstations to further reduce the potential impact of cyber criminality.

The study also found that cyber criminals have begun to use alternative cryptocurrencies or adopt bitcoin laundering schemes to conceal transactions. Furthermore, the report notes that state-sponsored threat actors may continue to conduct espionage activities in response to military exercises and economic sanctions.

Ensuring that adequate business continuity planning is in place is an important step organisations should take as cyber criminals become more ambitious. This requires companies to be proactive. By taking action to protect themselves against cyber attack, companies can reduce the impact of any breaches they suffer.

Report: Cyber Threatscape Report 2017