With Cybersecurity Awareness Month drawing to a close, we caught up with Natal da Silva, CEO, Stefanini Rafael, to discuss the challenges businesses are facing, the extent of the damage these attacks can cause and the role Stefanini can play in helping businesses defend themselves against new threats.
What are the most common types of attacks?
The most common and notable types of cybersecurity attacks include:
- Phishing and social-engineering-based attacks.
Attackers trick legitimate users with proper access credentials into taking action that opens the door for unauthorized users, allowing them to transfer information and data out (data exfiltration).
- Internet-facing service risks (including cloud services).
These threats relate to the failure of enterprises, partners and vendors to adequately secure cloud services or other internet-facing services (for example, configuration management failure) from known threats.
- Password-related account compromises.
Unauthorized users deploy software or other hacking techniques to identify common and reused passwords they can exploit to gain access to confidential systems, data or assets.
- Misuse of information.
Authorized users inadvertently or deliberately disseminate or otherwise misuse information or data to which they have legitimate access.
- Network-related and man-in-the-middle attacks.
Attackers may be able to eavesdrop on unsecured network traffic or redirect or interrupt traffic as a result of failure to encrypt messages within and outside an organization’s firewall.
- Supply chain attacks.
Partners, vendors or other third-party assets or systems (or code) become compromised, creating a vector to attack or exfiltrate information from enterprise systems.
- Denial-of-service attacks (DoS).
Attackers overwhelm enterprise systems and cause a temporary shutdown or slowdown. Distributed DoS (DDoS) attacks also flood systems, but by using a network of devices.
- Ransomware.
This malicious software infects an organization and restricts access to encrypted data or systems until a ransom is paid to the perpetrator. Some attackers threaten to release data if the ransom isn’t paid.
Why are companies particularly vulnerable now?
There are a lot of reasons why companies are vulnerable to cyber attacks. Some important reasons include:
- Low maturity in cyber practices and a lack of expertise in internal teams
- The growth of remote work has increased the potential attack surface. Breaches that have taken place where remote work has been a factor have typically cost businesses $1 million more than breaches where remote work was not a factor
- Lack of people training – people are a crucial part of cyber strategy and organizations need to invest in developing a resilient posture and a cybersecurity culture that mitigates exposure
- Cybercrime is very profitable and data is gold, which means hackers are determined to gain access to systems and use data for their own gain
As cybercrime becomes ever more prevalent – this year it’s expected to account for $6 trillion in losses, making it more profitable than the entire global illegal drugs trade – it’s imperative that C-suite leaders champion a cybersecurity strategy that is robust enough to repel the vast majority of attacks, and ensures the organization is resilient enough to quickly recover from any that succeed.
That means going beyond today’s typical approach, in which most companies simply allocate a set percentage of revenue or IT budget to security, without assessing their true needs. Effective cybersecurity requires a sustained effort that encompasses not only application security, penetration testing and incident management but also employee behavior, third-party risks, and many other potential vulnerabilities.
Cyber-risk incidents can have operational, financial, reputational and strategic consequences for an organization, all of which pose significant costs. This has made existing measures less effective, and it means that most organizations need to up their cybersecurity game.
How long does it take for a company to recover from a breach?
According to IBM’s “Cost of a data breach, 2022” study, it can take up to 277 days for a company to identify and contain a cyber attack. In the case of a ransomware attack, it can take an additional 49 days. During this time, in which a business is compromised operationally, the financial and reputational damage can be significant.
According to Gartner, by 2025, 70% of CEOs will mandate a culture of organizational resilience to survive coinciding threats from cybercrime, severe weather events, civil unrest and political instability.
COVID-19 has also exposed the inability of traditional business continuity management planning to support an organization’s response to large-scale disruption.
With continued disruption likely, Gartner also recommends that risk leaders recognize organizational resilience as a strategic imperative and build an organization-wide resilience strategy that also engages staff, stakeholders, customers and suppliers.
We believe that the key is to treat cybersecurity as a business decision, not just a technical issue that only technical people can handle. Instead, it needs to be at the center of any strategy.
Which is worse: reputation damage or money loss?
The two are linked but it’s clear that reputational damage can lead to significant financial losses.
Cyber attacks can often result in substantial financial loss from:
- Theft of sensitive information from the organization
- Theft of financial information (e.g. bank details, card details)
- Theft of money
- Disruption of transactions, negotiations, shopping journeys (e.g. inability to transact online)
- Loss of business or contracts
Trust is an essential element of a customer relationship. Cyber attacks can damage your company’s reputation and erode the trust your customers have in you. This, in turn, can lead to:
- Loss of customers
- Loss of sales
- Reduction in profits
The effect of reputational damage may even impact your suppliers or affect the relationships you may have with partners, investors and other third parties invested in your business.
Clearly, data loss and trust go hand in hand. A company suffering a breach can find its overall reputation harmed much more than it realizes.
How the organization acts after the incident has occurred can have a major impact on the depth and permanence of the damage it may face – for a business to demonstrate cyber resilience, it must move quickly to restore its environment and brand after an incident.
How can Stefanini help businesses? What is your role on the cyber team?
Stefanini Group has a view that cybersecurity is a continuous journey. I am currently CEO of Cyber Tower, responsible for all the Stefanini Group cybersecurity strategy.
We offer tailor-made solutions, enabling businesses to benefit from cutting-edge Israeli technology or partnering with other well-positioned cybersecurity players on the market.
Our portfolio of strategic partnerships gives us a robust technological base to support our clients.
We combine our historical capability of delivery with innovative Israeli security solutions to provide the market with a robust offering based on people, processes and technology.
We also maintain an SOC model based on the MITRE framework in four regions, able to support a customer’s environment around the globe.
In a connected world, threats are everywhere. As a result, organizations need a good structure for detecting, preventing and responding to cyber threats. By increasing their cyber resilience, business risk is mitigated and business continuity can be assured.
Our motto is: Your challenges. Our solutions. Your resilience.
What does co-creating cybersecurity mean? Could you describe an example that you took part in?
We have already supported clients during crisis situations, following a cyber incident, while also offering clients support in building their holistic cyber resilience strategy from the beginning.
In both situations, we put ourselves in the position of expert advisors, designing together with the client the best solution based on their needs.
Cyber co-creation means understanding security as a journey: understanding and transforming the client’s scenario, adopting the role of a consultant, delving into problems and building trust. Security is about trust and should be seen as an ongoing process.