- Aquaculture, Equine & Livestock
- Architects & Engineers
- Aviation & Aerospace
- Consumer Goods & Services
- Education & Public Entities
- Entertainment & Leisure
- Financial Services
Let's Talk: The importance of flexible security in difficult times
June 11, 2020
Dealing with the COVID-19 pandemic affects us all. Businesses around the world are finding new ways of working as the pandemic continues to affect the safe movement of people and goods. And against this backdrop, the cyber threat has not gone away.
Annabel Jamieson, manager - cyber defence at Accenture, and James Tuplin, head of cyber and TMT at AXA XL, discuss the results of the latest Accenture/AXA XL cyber threat intelligence analysis and how all businesses can apply adaptive security to be more cyber resilient.
Q. What does the current threat landscape look like?
Annabel Jamieson: As you would expect, cyber criminals are taking advantage of the COVID-19 crisis and having a broad impact across industries around the world. For example, malicious actors are are aware that companies are struggling to keep up with new demands, and that some security teams have limited access to the tools and talent required to defend their businesses effectively.
Cyber criminals are preying on the susceptibility of newly remote workers by offering lures and traps that imitate credible sources. For instance, our most recent cyber threat intelligence analysis report, produced in collaboration with AXA XL, shows that 33 percent of our cyber investigations undertaken in the last quarter were related to business e-mail compromise. Another popular method for targeting organisations has involved exploiting remote-access vulnerabilities, with 30 percent of incidents examined involving this method of compromise.
Q. Is there a threat to intellectual property (IP)?
Annabel Jamieson: Industries that house organisations making considerable investments in research and development (R&D)—such as defence, manufacturing, academia, aerospace—have historically been key targets for espionage actors looking to steal trade secrets and corporate IP. Alongside these traditional targets, the pharmaceutical industry would be highly attractive today, as malicious actors look to disrupt companies seeking a vaccine for COVID-19.
Organisations are often unaware of sensitive publicly available information that threat actors can turn to their advantage; our latest cyber threat intelligence report found that 10 percent of companies had exposed information, such as sensitive manuals, product diagrams or protocols, on public online repositories.
Q. How are cyber criminals carrying out attacks?
Annabel Jamieson: The techniques being used by malicious actors to exploit the situation are not new—methods such as phishing, social engineering, credential access and the deployment of malware have all been widely used by cyber criminals for some time. Typically, cyber criminals have taken advantage of human vulnerabilities, which often require low investment but can generate big returns. Accenture is continually monitoring the market for new threat campaigns used by malicious actors.
Q. What can companies do to combat current cyber threats?
Annabel Jamieson: Above all, COVID-19 is a health and humanitarian crisis. But just as businesses are seeking to protect their colleagues by enabling them to work from home or putting social distancing protocols in place, so they can protect their people against cyber threats. Clear, consistent and regular communication is key. For example, colleagues should be made aware of procedures to protect company information. They should be briefed on best practices for working from home and helped with configuring and connecting to virtual private networks (VPNs) in the safest way. Computers and devices that colleagues are using to work from home should be updated regularly, where possible. Above all, security needs to be adaptive and resilient, so that it can flex to meet future, changing demands.
James Tuplin: Colleague education is a vital part of being more cyber resilient. Companies should have robust processes in place to help colleagues identify phishing if they believe something to be suspicious. And as well as basic security steps, such as keeping software up-to-date, colleagues should also be encouraged to change their passwords frequently and not to use familiar or meaningful data within those passwords.
Q. How can cyber underwriters help companies to manage cyber threats?
James Tuplin: It is important to remember that a cyber policy is a guarantee of service, which provides not only financial protection should an attack occur, but also expertise to help clients handle a cyber situation from start to finish.
I can’t stress enough that companies should focus on the prevention of cyberattacks. As the current situation has illustrated, it’s also vital that their security teams test business continuity plans regularly.
Of course, insurers can play their part by offering access to expertise to help mitigate exposures, as well as post-breach recovery services if an attack takes place.