Navigating The Evolving Threat Landscape

When it comes to the threat landscape, cyber criminals are growing in sophistication, and it’s no secret that businesses are battling against increasing cyber-threats. It’s become not a question of ‘if’ an organisation will be attacked, but ‘when’.

It's critical that organisations are able to identify these threats and mitigate against them, without any disruption to business continuity. To do so effectively, the responsibility lies with the CISO to be aware of the nuances within the threat landscape, and changes affecting it.

When assessing this, it becomes clear that prioritising regulation and insurance policies and enforcing operational resilience is key to safeguarding the future.

The Evolving Threat Landscape 

External factors have a significant impact on cybercrime. Uncertainty brought about by geopolitical events, such as the war in Ukraine, create an environment for cybercrime to thrive. Oil, gas and food famine resulting from the war is demonstrating in real time how threat actors will abuse new threat vectors and pull on the strings of a globalised supply chain to cause widespread instability. Similarly, at the beginning of the pandemic, cybercrime soared by 600% as threat actors took advantage of a new vulnerability. 

With geopolitical factors encouraging cybercrime, the costs associated are becoming astronomical. This is causing premiums to skyrocket as insurance companies are struggling to cover the volume and costs of a cyber-attack. Cybercrime is estimated to increase in cost for companies to $10.5 trillion by 2025, which makes it even more important for organisations to have the ability to respond at pace. When it comes to defence against ever-sophisticated cybercrimes, reacting fast is critical to mitigating disruption to business operations and avoiding a serious loss of income. 

In light of this, what should the CISO’s top two priorities be to navigate the evolving threat landscape successfully?

Priority One: Regulation & Insurance 

Regulation sits far behind where we need to be to mitigate risk across all industries. Often, new measures don’t come in until after a world impacting event requires it to do so. The devastating events of 9/11 is a prime example of this, with some companies having one Data Centre in the North Tower and one in the South. Following the event, new regulations mandating data proximity between two sites were introduced, to avoid them being exposed to the same regional risks. This demonstrates why we must be cognisant to the fact that regulation lags behind logical standards to mitigate threats, and why we must educate organisations to advocate action that goes beyond meeting the bare minimum. 

Insurance companies are realising the gap is too big - hence the rise in cyber premiums. Some companies, such as water utility and chip manufacturers, are finding themselves increasingly uninsurable because insurance providers are demanding higher standards, but regulation still sits far behind where it should be. This is a problem because a lot of businesses completely rely on insurance policies to cover recovery costs against these kinds of attacks and some insurers, such as Lloyds London, are even withdrawing their policies altogether because of this. CISOs need to start thinking about how confident they are in their ability to recover and the financial implications they would face from prolonged downtime – which now faces the very real threat of not being covered by insurance.

Priority Two: Operational Resilience 

Resilience needs to become more proactive. Whether it’s geopolitical, cyber, or environmental, businesses need to realise that responsibility for the concentrated risk and operational resilience lies with CISOs, IT Directors and Risk Officers, not with regulators and insurers. Here however lies a critical opportunity to push incremental progress, helping build organisational and industry stability.

It begins with understanding where you are today. Where are the gaps and where do you want to get to? Investing in automating and orchestrating recovery processes, enhancing recovery time and recovery point objectives, while simultaneously mitigating human error in restoring from backups should be a focus in all organisations. Continuous testing and cyber simulation exercises can support this, ensuring you have confidence in your ability to act and recover at pace when the worst happens.

Proactive Action

As the threat landscape continues to expand and the growing volume of attacks are increasing in sophistication, organisations are facing longer downtime and rising recovery costs.

To effectively safeguard for the future, there needs to be a realisation that regulation lags behind where it needs to be for mitigating risk. Insurance policies are shifting that risk and the responsibility is now back into the hands of the CISO. In addition to this, organisations must adopt a culture of becoming operationally resilient to survive the evolving threat landscape, which should be driven by the CISO. 

Tom Goodwin is Business Continuity Specialist at Kyndryl

You Might Also Read: 

Guilty: A Criminal Conviction For One CISO Has Consequence For Others:

 

« Shifting Left In Enterprise Cloud Security
Five Ways Executives Can Optimize Cyber Security Spending »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cristie Data

Cristie Data

Cristie have been a trusted, innovative and leading edge data storage, backup and virtualisation solutions provider across all sectors of industry for over 40 years.

Synopsys

Synopsys

Synopsys delivers trusted and comprehensive silicon to systems design solutions, from electronic design automation to silicon IP and system verification and validation.

Norwegian Information Security laboratory (NISlab)

Norwegian Information Security laboratory (NISlab)

NISlab conducts international competitive research in information and cyber security and operates study programs in this area.

ACI Solutions

ACI Solutions

ACI Solutions is a managed IT services and network security provider working with diverse global commercial, government and public sector clients.

Asseco Group

Asseco Group

Asseco Poland stands at the forefront of the multinational Asseco Group. We are a leading provider of state-of-the-art IT solutions in Central and Eastern Europe.

Abusix

Abusix

Abusix specializes in Internet security, network abuse handling, antispam and fraud prevention.

Jenson Knight

Jenson Knight

Jenson Knight is a global cyber security, cloud and IT infrastructure staffing specialist.

Red Alert Labs

Red Alert Labs

Red Alert Labs is an IoT security provider. We created an independent security lab with a disruptive business offer to solve the technical and commercial challenges in IoT.

Conference on Applied Machine Learning in Information Security (CAMLIS)

Conference on Applied Machine Learning in Information Security (CAMLIS)

CAMLIS is a venue for discussing applied research on machine learning, deep learning and data science in information security.

Sollensys

Sollensys

Sollensys is a leader in commercial blockchain applications. Our flagship product, The Blockchain Archive Server™ is the best defense against the devastating financial loss that ransomware causes.

CyberScotland

CyberScotland

The CyberScotland Partnership is a collaboration of key strategic stakeholders, brought together to focus efforts on improving cyber resilience across Scotland in a coordinated and coherent way.

Fortify 24/7

Fortify 24/7

Fortify 24×7 provides a robust portfolio of managed cybersecurity solutions to help you identify and prevent attacks.

Larsen & Toubro Infotech (LTI)

Larsen & Toubro Infotech (LTI)

LTI is a global technology consulting and digital solutions company with operations in 33 countries.

RankedRight

RankedRight

RankedRight empowers security teams to take immediate action on their most critical risks.

Ekco

Ekco

Ekco is one of Europe’s leading managed cloud providers. With a network of infrastructure and security specialists across Europe, we’ve perfected our approach to supporting digital transformation.

Cythera

Cythera

Cythera is an Australian cyber security company with in-house cyber security professionals providing world-class cyber protection to medium to large companies all over Australia.