Accelerated digital transformation prompting ‘cloud sprawl’, coupled with an increasingly complex and pervasive threat landscape, has made cybersecurity a growing challenge for organisations across the globe.
Today, cybersecurity is a board level challenge, highlighted by the National Cyber Security Centre’s“Cybersecurity Toolkit for Boards”in which they acknowledge a cyberattack can impact every aspect of a business and must therefore be integrated across organisational risk management and decision making.
Due to the scale of problem, it can be a struggle for organisations to know where to put their focus. And, as the world continues to become more digitally enabled, the attack surface is expanding faster than ever before. Keeping ahead of the attackers is no small feat.
At Adarma, in our experience as cyber threat management specialists, we’ve seen 3 main threat vectors emerging as the top concern for the board: ransomware, insider threats and third-party risk or supply chain risk. Our CEO, John Maynard and chief product officer David Calder, elaborate on these threats in our new video on how to improve cyber resilience.
Here are 3 threats that are top of mind for our clients
1 – Ransomware
There has been a significant increase in the threat landscape and the threat environment organisations face today. Across the industry we’ve seen varying levels of ransomware preparedness.
In fact, in our recent Ransomware Readiness report, we found that 58% of UK businesses with over 2,000 employees had experienced a ransomware attack, so this threat is particularly top of mind among our clients.
New and more sophisticated iterations of ransomware are cropping up at an alarming rate. The threats that businesses face are constantly transforming and becoming more harmful. We can see the impact that the growing threat of ransomware is having on our customers, who are becoming increasingly concerned about how they prepare for evolving ransomware attacks, how they detect it and how they respond to it once it’s happened.
Among the biggest threats to organisations are the ones from within. Insiders often have access to privileged systems or are privileged administrators who have access to confidential data.
Organisations should ensure that they have the requisite controls over those privileged users, understand how they will monitor insider activity to detect malicious behaviour quickly, and how they will shut it down and respond to it at scale if an attack is launched.
Although research by PwC found that in 2020 only 14% of cyber incidents were caused by malicious employees, accidents can and do happen.1 The switch to remote working practices has provided a greater opportunity for insider threat actors to cause havoc.
However, more commonly it’s these slip ups that expose organisations to threats. Research from Standford University on the psychology of human error found that 9 in 10 (88%) data breach incidents are caused by employees’ mistakes.
Managed endpoint detection and response security tools provide near real-time data across your IT network enabling security teams to understand, for example, asset visibility issues, high risk threat vectors, and personally identifiable information data stores. This information can help highlight potential areas of risk and help detect insider threats, for example, unauthorised devices, security misconfiguration or sensitive data stores with inadequate protection on end user workstations.
3 – Supply chain risk
Many of our customers work in highly regulated and targeted sectors where managing supply chain risk is crucial. Organisations are accountable for managing cyber and privacy risks around information that is shared with third parties and beyond.
With sensitive data changing ownership multiple times throughout the supply chain, it’s critical for organisation to know what steps third parties are taking to safeguard that information as it travels through the digital ecosystem.
A third-party breach may force your organisation to respond to incidents outside of your control, which is why this exposure is a top priority for the board. Organisations need to know what security controls they require, how to manage third party access to their data and environment, how to enforce data discipline and how to maintain data records from creation to disposal.
Managed vulnerability scanning can help identify, contextualise, track and prioritise vulnerabilities in your IT estate to help you keep your risk under control. Each of your assets can be tracked by attribute, so when a change to any of them occurs it’s identified, prioritised, and monitored – as it happens.