EnterpRISE

Facing Up To The Cyber Threat

As ransomware attacks rise once again, Robert O’Brien talks to industry experts about how Irish companies can protect their data.

Cyber security specialist Kroll’s latest Threat Landscape Report has warned that ransomware attacks rebounded strongly in Q4 2022, with a significant spike in focus on technology and manufacturing. Not only have familiar threats not gone away, but they continue to evolve and adapt.

According to Kroll: “The near-seamless transition from Office maldocs to container files in phishing attacks and new access tactics like Google Ads abuse illustrate the constant evolution of techniques to which organisations must pay attention in order to improve their defences.”

Familiar threats remained highly active throughout 2022, with a significant increase in phishing and a notable rise in unauthorised access. LockBit overtook Conti as the most common ransomware variant of 2022, while phishing replaced CVE/Zero-Day Exploitation as the most common initial access method of 2022, according to Kroll.

Separately, an AON survey of 228 senior business leaders in Ireland points to one in six firms experiencing a cyber-attack or data breach in 2022. The survey was conducted across 81 mid-sized SMEs, 86 large SMEs and 123 enterprises with over 250 employees. Large companies are more at risk, with 21% of the survey cohort facing an attack last year compared to 9% of SME respondents.

Karl Curran, head of Aon’s cyber solutions unit, commented that far too often successfully managing cyber risk only becomes a priority after a cyber incident has occurred. “Despite the majority of Irish firms planning to invest more in cyber security and resilience in the coming years, more than a quarter of business leaders don’t have any plans to invest more in cyber security and resilience in the near future,” he added.

Against this backdrop, how active are companies with data backup and disaster recovery plans? Amárach Research recently canvassed 64 members of the Business Plus Panel, which is drawn from across the magazine and website readership. The survey found that nearly half of the firms responding back up their data continuously, with one in five doing so on a daily basis.

About a third of the organisations have faced a data outage or disaster, but only half of them have developed a disaster recovery strategy or action plan. Internal and external teams have been appointed by a quarter of the respondents, though 40% have neither team in place.

Carlos DaSilva, service management consultant at SureSkills, commented that while a majority of firms have implemented data backup procedures, many have not tested their restore process or developed a disaster recovery strategy at all.

“Significantly, a large percentage of organisations do not have internal or external teams in place to respond to disasters,” said DaSilva. “This highlights the lack of understanding of the significant threats that data outages (malicious or otherwise) can pose, and that it is a business imperative for organisations of all sizes to manage the obvious risks in the digitally transformed world.

“It is important to appoint and test both internal and external teams to respond to disasters. Businesses should also review their current backup and recovery practices to ensure they meet standards and regulations. By adopting best practices for your organisation you can significantly reduce risk of data loss and increase your ability to quickly recover from an outage or disaster,” DaSilva added.

HOW TO REINFORCE YOUR CYBER SECURITY STRATEGY

■ Review business continuity and disaster recovery (BCDR) plans to ensure they take account of and regularly test for cyber threats.

■ Assess vulnerabilities. This allows the business to strategically budget and address critical areas.

■ Review governance, controls, roles, and responsibilities and develop protective safeguards to prevent ransomware attacks.

■ Quantify the financial loss associated with an incident, breach, or disruption.

■ Engage in breach simulations and tabletop exercises to test incident preparedness.

■ Check contractual protections and have all insurance policies reviewed to ensure the enterprise is covered for financial loss from a breach.

■ Proactively utilise threat intelligence to monitor for the tactics, techniques, and procedures of cyber attackers.

Source: AON

Reporting: Business Plus