Data/Cyber

Cyber insurance is key to a proactive cyber security strategy

BY Richard Summerfield

Cyber insurance should form the backbone of a cyber security strategy, according to a new report from At-Bay.

According to the report, which surveyed security decision makers in the US, Canada, and Europe, the Middle East and Africa (EMEA), cyber insurance is now seen as a best practice by many businesses, with 72 percent of respondents considering it ‘critical’ or ‘important’ to their organisation.

Furthermore, 43 percent of respondents noted that cyber insurance requirements are a significant driver of their cyber security spending. This figure rises to 52 percent among the largest organisations.

“We believe an important finding from this report is that there’s a large number of organizations that should consider partnering with a cyber insurance provider to help drive cybersecurity maturity,” said Andrew Braunberg, an analyst at Omdia. “There can be upside for enterprises in aligning proactive cybersecurity spending with cyber insurance requirements, with an even more powerful emerging option to partner with an InsurSec provider to optimize risk reduction and technology performance. These relatively new entities combine cybersecurity products and services with insurance offerings to offer a wider scope of prevention and protection.”

The number of businesses of all sizes prioritising proactive security solutions that help identify and mitigate potential threats has grown significantly. Over the last 12 months, more than 70 percent of respondents increased their spending on proactive security solutions.

Yet, despite the increase in the use of cyber insurance and its burgeoning impact on security decisions, only 13 percent of respondents said they were working ‘proactively’ with their cyber insurance provider to reduce cyber risk. By contrast, 33 percent of respondents said they were taking preventive measures with support from their cyber insurer.

Worryingly, proactive collaboration is even lower in critical infrastructure sectors, where cyber risks could have broader societal impacts. For example, only 4 percent of manufacturing companies, 7 percent of energy, utility and transportation companies, and 8 percent of healthcare companies reported proactive engagement with their cyber insurance providers.

“Cyber insurance has emerged as a critical pillar to building a proactive cybersecurity strategy as it enables companies to complete their risk mitigation,” said Thom Dekens, chief business officer at At-Bay and general manager of At-Bay Security. “Additionally, insurance providers with significant in-house cybersecurity expertise can provide huge business value to their customers, closely partnering with them to make informed decisions about their technology strategies and also improve their risk outcomes throughout the policy year.”

Report: InsurSec Can Drive An Effective Proactive Security Strategy

Data breaches cost FS $6.08m in 2024, reveals new report

BY Fraser Tennant

The global average cost of a data breach in the financial services (FS) sector was $6.08m in 2024, further expanding demands on firms’ cyber teams, according to a new report by IBM and the Ponemon Institute.

In its ‘Cost of a Data Breach Report 2024’, IBM reveals that the FS sector had the second-highest average breach cost of the 17 industries examined in the report – 22 percent higher than the cross-industry average cost of $4.88m.

The top three initial attack vectors affecting banks, insurers and other financial institutions were phishing, compromised credentials and cloud misconfigurations. Only 28 percent of FS firms made extensive use of security artificial intelligence and automation last year, but those that did saw average cost savings of $1.9m per incident over institutions that did not.

According to the report, attacks on FS institutions typically took 168 days to identify and 51 days to contain – faster than the cross-industry average of 194 days and 64 days respectively.

Additional cross-industry findings in the 2024 IBM report include: (i) more organisations faced severe staffing shortages in 2024 compared to the prior year; (ii) 44 percent of breaches involved data stored across multiple environments including public cloud, private cloud and on-prem; and (iii) organisations would increase the cost of goods or services because of a breach – a slight increase from last year and the third consecutive year that the majority of businesses would push breach costs to consumers.

“Businesses are caught in a continuous cycle of breaches, containment and fallout response,” said Kevin Skapinetz, vice president of strategy and product design at IBM Security. “This cycle now often includes investments in strengthening security defenses and passing breach expenses on to consumers – making security the new cost of doing business.

“As generative AI (GenAI) rapidly permeates businesses, expanding the attack surface, these expenses will soon become unsustainable, compelling business to reassess security measures and response strategies. To get ahead, businesses should invest in new AI-driven defences and develop the skills needed to address the emerging risks and opportunities presented by GenAI.”

The report is based on an in-depth analysis of real-world data breaches experienced by 604 organisations globally between March 2023 and February 2024. The research, conducted by Ponemon Institute, and sponsored and analysed by IBM, has been published for 19 consecutive years.

Report: Cost of a Data Breach Report 2024

Cloud services a top target – report

BY Richard Summerfield

Cloud services, infrastructure and applications are the primary subjects of cyber attacks, according to the 2024 Thales Cloud Security Study.

The report, which surveyed nearly 3000 IT and security professionals across 18 countries in 37 industries, found that cloud security spending now tops all other security spending categories. This is particularly concerning given that 47 percent of all corporate data stored in the cloud is sensitive. Of those companies surveyed, 44 percent have experienced a cloud data breach – 14 percent in the past year.

According to the report, nearly half of organisations believe it is more difficult to manage compliance and privacy in the cloud compared to on-premises. Thirty-one percent recognise the importance of digital sovereignty initiatives as a means of futureproofing their cloud environments.

“The scalability and flexibility that the cloud offers is highly compelling for organizations, so it’s no surprise it is central to their security strategies,” said Sebastien Cano, a senior vice president at Thales. “However, as the cloud attack surface expands, organizations must get a firm grasp on the data they have stored in the cloud, the keys they’re using to encrypt it, and the ability to have complete visibility into who is accessing the data and how it is being used. It is vital to solve these challenges now, especially as data sovereignty and privacy have emerged as top concerns in this year’s research.”

The report also noted that among the targeted cloud resources, 31 percent are software as a service (SaaS) applications, 30 percent are cloud storage and 26 percent are cloud management infrastructure.

Human error and misconfigurations occurred in 31 percent of breaches, making this the top root cause. That figure was significantly lower compared to last year’s report, where 55 percent of cloud incidents were caused by human error. Exploitation of known vulnerabilities was the next highest root cause of cloud breaches, accounting for 28 percent, up seven percent compared to Thales’ 2023 report. Exploitation of previously unknown vulnerabilities and zero days accounted for 24 percent of breaches. Failure to use multi-factor authentication (MFA) was another significant cause of cloud breaches, identified in 17 percent of cases.

External attackers, including cyber criminals, hacktivists and nation-state actors, as well as malicious insiders, are also the driving force behind many cloud security breaches.

Sixty-five percent of respondents identified cloud security as a current concern, and cloud security was the top category of security spending, reported by 33 percent of all respondents.

Report: Thales 2024 Cloud Security Study

Cyber attack methods continue to evolve – report

BY Richard Summerfield

Cyber criminals are deploying new and innovative lines of attack in addition to modified versions of existing methods, according to Verizon’s 2024 Data Breach Investigations Report.

The report analysed more than 30,000 real-world security incidents spanning 94 countries, including a record high of just over 10,000 confirmed data breaches. Excluding errors and misuse, typically honest mistakes by employees, the three most popular vectors for data breaches were unauthorised use of web application credentials, email phishing and the exploitation of vulnerabilities in web applications.

Attacks involving the exploitation of vulnerabilities were up 180 percent, according to the report. This increase comes as no surprise given the mass exploitation of the MOVEit zero-day vulnerability and other similar vulnerabilities. These attacks were primarily carried out by ransomware and other extortion-related threat actors, and the main entry point was web applications. Attacks involving ransomware or extortion have seen considerable growth over the past year, accounting for 32 percent of all breaches.

“The exploitation of zero-day vulnerabilities by ransomware actors remains a persistent threat to safeguarding enterprises,” said Chris Novak, senior director of cybersecurity consulting at Verizon Business.

The human element also had a substantial hand in the number of recorded breaches. Sixty-eight percent of breaches involved a non-malicious human element. Accordingly, the onus remains on organisations to improve security awareness among their employees in order to reduce the impact of breaches. The report explains that the most common causes of breaches involving a non-malicious human element are someone falling victim to a social engineering attack or someone making a mistake.

“In either case, these could have been mitigated by basic security awareness and training. This is an updated metric in the report (we would previously include malicious insiders), and it is roughly the same as the previous period described in the 2023 DBIR,” Verizon added.

Report: 2024 Data Breach Investigations Report

Companies face AI, deepfakes and other threats as cyber security continues to evolve

BY Richard Summerfield

As artificial intelligence (AI), deepfakes and other threats continue to evolve, it is imperative that companies upgrade their cyber security systems as soon as possible, according to OnePoll and Gemserv’s new report: ‘Through the Cyber Lens: The Evolving Future of Cyber Security’.

The study surveyed 200 chief information security officers (CISOs) across the UK and Europe, assessing the readiness of CISOs to confront the evolving challenges in the cyber security space, particularly those derived from the burgeoning influence of AI, while also exploring their expectations for the future.

According to the report, CISOs are increasingly concerned about the use of deepfake AI technologies in cyber attacks. Eighty-three percent of respondents noted that generative AI will play a more significant role in future cyber attacks, with 38 percent expecting a significant increase and 45 percent anticipating a moderate rise in attacks utilising these technologies over the next five years. However, despite the imminent nature of the threat, only 16 percent of respondents believe their organisation has an excellent understanding of these advanced AI tools, and thus are likely unprepared.

“As the AI revolution transforms the landscape of cybersecurity, CISOs stand at the forefront of this change,” said Mandeep Thandi, director of cyber and privacy at Gemserv. “AI is reshaping the contours of cyber defence by augmenting human capabilities, predicting threats, and fortifying organisations against the volatile cyber threat landscape.”

Many CISOs also noted that they do not have the resources to face up to the many challenges they encounter. Around a third of respondents believe they lack the budget required to do their jobs most effectively, while a similar proportion are finding it difficult to recruit and retain staff with the right skills and experience.

A much higher percentage of respondents (92 percent) believe they have robust and tested incident management policies and procedures in place, but there are significant technology and knowledge gaps that should give cause for concern. Only 31 percent of respondents believe they have both security information and event management (SIEM) tooling and cyber threat intelligence, even though the majority of respondents (78 percent) expect the cyber threat landscape to become more complex and challenging over the next 12 months.

Going forward, CISOs will be hoping they are provided with the resources they need to help them navigate the challenging and uncertain future and reduce the efficacy of cyber attacks.

Report: Through the Cyber Lens: The Evolving Future of Cyber Security

©2001-2024 Financier Worldwide Ltd. All rights reserved.