Boards ‘underestimate’ ransomware supply chain threat

It’s been five years since the WannaCry worm made headlines around the world when, in a matter of days in May 2017, it infected hundreds of thousands of computers in more than half of the world’s countries.

Users of infected machines discovered that they no longer had access to their data and would have to pay a ransom demand of $300 if they wanted to regain access. Some paid, some didn’t. As was later revealed, those who paid did not necessarily recover their data. Cybercriminals don’t have to keep their promises, it seems, and global industries have found that out the hard way.

Today, cyberattacks continue to pose an ongoing and ever-evolving threat to businesses across all industries, said Mark Atwood, global head of research and consulting at Gartner. He points to research from the NCC Group’s Annual Threat Monitor report, which indicates that ransomware attacks nearly doubled in 2021, increasing 92.7% from the previous year.

“Ransomware attacks and other types of cyber threats can and have had crippling effects on supply chains,” says Atwood. “But, as important and pervasive as this subject is, it is fraught with complexity and confusion.”

Cybersecurity spending is growing, but new tactics are needed

In the Gartner Combating Enterprise and Ecosystem Cybersecurity Threats report, released in September, 63% of respondents expected to see at least a 5% increase in spending on supply chain cybersecurity, and the most popular technique for combating supply chain cyberattacks was a simple audit of suppliers, manufacturers and logistics partners. But that is not enough.

“As encouraging as it is to see the positive steps taken by the profession over the past five years, our research shows that organizations have an inflated view of their supply chain’s cybersecurity,” says Atwood. Respondents were asked how secure they thought their supply chains were on a scale of 1 to 7 – 1 being not at all and 7 being completely secure – and 83% of respondents gave themselves a rating of four or more.

This false sense of security is dangerous given the state of global industry: last year, manufacturing overtook financial services for the dubious honor of the sector most targeted by cybercriminals, according to Geert van der Linden, Cybersecurity Business Lead at Capgemini.

Legacy technology from the days when cybersecurity was not even a consideration has created opportunities for attackers to exploit. The industry’s transition to smart factories has also raised complex cybersecurity questions that organizations need to address, says van der Linden.

“Our recent research shows that 40% of organizations have experienced a cyberattack that has impacted their smart factories in the past year, and it’s only going to become more common if organizations don’t respond,” he says.

Better visibility of networked devices is essential for detecting when they have been compromised, and regular system risk assessments help prevent attacks, but more needs to be done if global enterprises are to address the threat of rampant ransomware and other cyberattacks.

Zero Trust has reached “critical mass” for identity verification

Elsewhere, there are encouraging signs. Marc Rogers, senior director of cybersecurity strategy at Okta, says identity-driven security has reached “critical mass” over the past year. “The trend is not going away,” he says. “Increasingly, identity-centric Zero Trust frameworks will be the best choice for any security-conscious organization.”

The principle of the Zero Trust architecture is quite simple, explains Rogers: all network traffic should be considered untrusted until it is validated. Using this “never trust, always verify” approach makes it easier to manage remote and hybrid workforces as the threat of ransomware continues to grow.
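To make the principle concrete, here is an added example of a minimal Zero Trust policy decision function. It is not code from the article, from Okta or from any vendor; the HMAC-signed token format, the signing key, the resource policy table and the sample requests are all constructed here for illustration. The point it demonstrates is that every request is evaluated on identity, authorization and device posture, and that an internal source address never grants access by itself.

```python
"""Added example: deny-by-default access decisions that verify identity and
device posture on every request, regardless of network location.
Token format, key, policy and requests are constructed for illustration.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional, Set, Tuple

# Constructed signing key for the toy token format (assumption: HMAC-signed bearer tokens).
SECRET = b"example-signing-key-not-for-production"


def mint_token(subject: str, groups: list, expires_at: int) -> str:
    """Issue a signed token: subject|group1,group2|expiry|hmac-sha256 tag."""
    payload = f"{subject}|{','.join(groups)}|{expires_at}"
    tag = hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}|{tag}"


def verify_token(token: str, now: int) -> Optional[Tuple[str, Set[str]]]:
    """Return (subject, groups) only if the signature is valid and the token is unexpired."""
    parts = token.split("|")
    if len(parts) != 4:
        return None
    subject, groups, expires_at, tag = parts
    payload = f"{subject}|{groups}|{expires_at}"
    expected = hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison of the tag
        return None
    try:
        if int(expires_at) <= now:
            return None
    except ValueError:
        return None
    return subject, set(g for g in groups.split(",") if g)


@dataclass
class Request:
    token: Optional[str]   # identity presented with the request, if any
    device_managed: bool   # posture signals an endpoint agent would report
    device_patched: bool
    source_ip: str         # recorded for logging only; it never grants access
    resource: str


# Constructed resource policy: which group may access a resource, and whether a
# managed, patched device is required to reach it.
POLICY = {
    "payroll": {"group": "finance", "managed_device": True},
    "wiki": {"group": "staff", "managed_device": False},
}


def decide(req: Request, now: int) -> str:
    """Deny by default; allow only when identity, authorization and posture all verify."""
    rule = POLICY.get(req.resource)
    if rule is None:
        return "deny: unknown resource"
    if req.token is None:
        # Being on the office LAN (an internal source_ip) is not a substitute for identity.
        return "deny: no identity"
    ident = verify_token(req.token, now)
    if ident is None:
        return "deny: invalid or expired token"
    subject, groups = ident
    if rule["group"] not in groups:
        return f"deny: {subject} not in {rule['group']}"
    if rule["managed_device"] and not (req.device_managed and req.device_patched):
        return "deny: device posture"
    return f"allow: {subject}"


if __name__ == "__main__":
    now = 1_700_000_000
    alice = mint_token("alice", ["staff", "finance"], now + 600)
    for req in (
        Request(None, True, True, "10.0.0.5", "payroll"),        # on the LAN, no identity
        Request(alice, False, True, "203.0.113.9", "payroll"),  # valid user, unmanaged laptop
        Request(alice, True, True, "203.0.113.9", "payroll"),   # valid user, compliant device
    ):
        print(req.source_ip, req.resource, "->", decide(req, now))
```

Note that the decision reads the same for a request from an internal address and from the public internet; only the signed identity, group membership and posture signals change the outcome, which is what moves the trust boundary from the network perimeter to each request.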

Okta’s recent State of Zero Trust report indicated that all financial services organizations, without exception, plan to develop a Zero Trust initiative within the next 18 months. This comes after the industry faced a 35% increase in ransomware attacks, more than any other industry, according to the latest report from the Anti-Phishing Working Group (APWG).

But increased awareness does not necessarily translate into action and preparation; C-suite executives must prioritize Zero Trust and other cybersecurity measures, says Capgemini’s van der Linden. Today, there seems to be a lack of collaboration between cybersecurity teams and boardroom stakeholders, which has a ripple effect on budget allocation and how quickly organizations respond to a ransomware attack.

“Governance is a particular concern – this area demonstrates the lowest level of readiness across multiple metrics,” says van der Linden. “Our research shows response readiness is equally low, with 54% of executives saying that they don’t have – or don’t know if they have – a team dedicated to preparing for and responding to cyberattacks in their organizations’ smart factories.”

People are a problem, but cyber experts are vital to the fight

People are the first line of defence, but also the weakest, says van der Linden. Employees must therefore be trained to detect the warning signs of a potential attack so that companies can react quickly.

“Training experts who can oversee the implementation of comprehensive security measures is vital – and investments in this area will not be wasted,” he said. “Those who can’t get started quickly should consider partnering with an organization with end-to-end expertise and services to manage it.”

Okta’s research and Rogers himself echo this point: employee training is essential. “Staff must be empowered to understand all security threats and be aware of the risks created by remote and hybrid working, such as when a family shares passwords or corporate resources are accessed on personal machines.”

Employees need to understand the dangers as well as the reasoning behind measures like Zero Trust, so they aren’t tempted to bypass security for convenience, he says. “However, it’s equally important that security is designed to complement user behavior and enable them to do their job rather than simply adding additional, often unnecessary friction.”

Insurance helps cover the cost of ransomware attacks

The insurance industry is another established sector that needs to change quickly in order to cope with business pressures, says Okta’s Rogers, and combining cyber insurance with best-practice efforts to protect against attacks is “a sensible strategy”.

“Cyber insurance companies are increasingly viewing strong identity checks as a security risk mitigation, meaning they will lower premiums for companies that use them,” Rogers says. “If the worst happens, cyber insurance policies provide financial backing for the many potential costs of a ransomware incident – from regulatory fines and collection fees to media relations and incident response.”

In the past, the insurance industry has played a key role in the development of security and safety in global enterprises, and Rogers hopes to see the same developments in the area of cybersecurity.

“Enterprises will increasingly have no choice but to adopt strong identity-based security if they want to reduce insurance premiums,” says Rogers. “Risks are difficult to quantify, leading to increased costs and tighter underwriting requirements. Identity-based security will increasingly be the best way to reduce cyber insurance premiums.”