S-RM’s Jamie Smith recently spoke with Cybernews about the top cyber risks businesses face today.
The full article can be read in Cybernews, and a section has been reprinted here with kind permission.
The volume of cyberattacks is only increasing, especially toward companies. This signals the need for better preparation for businesses to deal with such issues.
Data breaches, distributed denial-of-service (DDoS) attacks, ransomware, and other types of attacks are a common risk for businesses of every size. They can have major financial or reputational consequences that are difficult to deal with.
While some companies still follow the “it won’t happen to us” mentality, those aware of the risks that come with cyberthreats are looking for ways to secure themselves, including investing in cybersecurity consultations.
Jamie Smith, the Board Director and Head of Cyber at S-RM, a company that specializes in global intelligence and cybersecurity, agreed to share his thoughts on effective protection measures and cybersecurity trends.
You often stress the importance of threat intelligence. Why is it so crucial?
The cyberthreat landscape is constantly evolving, with new threat actors and technologies emerging. But intelligence can help organizations to stay on top of cyberthreats. Some easy first steps include making sure that the business regularly checks what cyber risks are most common in their industry – this can be through risk bulletins, free alert services, and signing up to receive materials from organizations like the National Cyber Security Centre (NCSC) in the UK or its equivalent. A next step could be engaging a professional cybersecurity consultancy to help you understand the risk profile of your business specifically.
How do you think the recent global events affected the way people perceive cybersecurity?
At the time of speaking to Cybernews, sadly the conflict in Ukraine is the recent global event throwing a spotlight on cybersecurity today. Russian cyberthreat actors have always been in the headlines and it is understandable that many people from individuals to businesses will be concerned about the cybersecurity conflict running in parallel with the physical war. What we have seen in the first few weeks of the conflict is an ‘eye of the storm’ effect, with no major uptick in cyberattacks on Western businesses. It is likely that Russian cyber resources have been focused on targets in Ukraine – destroying data, disseminating disinformation, and perpetrating DDoS attacks to shut down websites. But now, it is likely that Russian threat actors may set their sights on Western businesses in retaliation for global trade and economic sanctions. This is something that businesses, therefore, must be prepared for.
Why might some organizations not be aware of the security risks they are exposed to?
In our recent survey of 600 C-Suite and IT budget holders from across the US and UK, only 40 percent of respondents thought their organization would be ‘completely successful’ at detecting a cyber incident. The same respondents thought their organizations could be more successful with better employee appreciation of cybersecurity risks, and a greater understanding of breach response policies. These two points are reflected in the growing C-suite interest in cultivating a security-positive culture, which is key to having the kind of proactive and value-creating cyber strategy which I described earlier.
Although the world of work is increasingly digitized, most cyberattacks are aimed at employees and people remain some of the most vulnerable attack vectors. This makes it crucial that every single employee is educated and empowered to detect and respond to cybersecurity vulnerabilities.
Out of all cyberthreats floating around nowadays, which ones do you think have the potential to cause the most damage?
Any cyberthreat has the potential to do massive amounts of damage. But that damage can be limited if your organization has built up its cyber resilience and practiced its incident response. Three innovations in 2021 to highlight that we shared in a recent podcast are:
- Double encryption – where a single ransomware group encrypts their victim’s data twice, sometimes with two separate strains or simply using two separate encryption keys. This causes the victim to pay a ransom twice to recover their data.
- Additional pressure tactics – this includes cold calling directors or senior executives, sometimes even phoning the front desk or clients and journalists to let them know the victim organization has had a data breach. Threat actors may also threaten distributed denial-of-service (DDoS) attacks against their victims if a ransom isn’t paid. This would be a threat over and above the initial ransomware attack.
- Third-party access brokers – instead of compromising a network in order to launch an attack, threat actors are looking to purchase access to an already compromised network. This could be purchased either from a specialist hacker or, alternatively, from insiders at a target organization.
What would be the first steps for companies looking to improve their cyber resilience?
Firstly, look at your information security function. Ensure it has defined objectives – which information assets and systems are you trying to protect and why? Next, build out your cybersecurity policy, and within that describe what your ‘ideal state’ is, as outlined in your objectives. Then, work on supplementary procedures which detail how you will reach and maintain that ideal state. Finally, and perhaps most importantly, engage your employees in the policies and procedures put in place so they understand their role. It goes without saying that this is a process of continual learning, as a cyber strategy needs to be constantly put into practice and lived every day throughout the organization to be truly effective.
Talking about individual users, what security solutions do you think should be implemented on personal devices?
The pandemic saw a sharp increase in working from home, so it was natural to see an uptick in the number of personal devices being used for work purposes. Working at home and on poorly secured networks and devices increases the attack surface for threat actors. Employers have a responsibility to keep their strategy on ‘bring your own device’ (or BYOD) up to date to protect themselves and the individuals they employ from attack. That can be things like using two-factor authentication (2FA), or passphrases that change regularly. These ‘security hygiene basics’ are simple, but effective. While the human vector remains the top target of cybercriminals, good cyber habits being practiced throughout an organization are crucial. So again, having a positive cyber culture that makes sure these tools are being used consistently is also key.
Would you like to share what’s next for S-RM?
In March we opened our new office in Utrecht, which will allow us to anchor our European operations and grow our presence in the Benelux market. It also allows us to tap into the strong cyber talent pool in the Netherlands, which will help us grow our cyber team further in 2022.
Last year we published our first thought leadership report, Investing in Cyber Resilience: Spend, Strategy, and the Search for Value, and we’re looking forward to releasing another report later this year.