Cyberattacks have become a trending topic which organizations are continually working to understand and mitigate. Many know there has been a significant increase in the amount of cyberattacks which have occurred but it is also important to note the increase in severity of these attacks.
“Group-IB – a Russian-led cyber security company – reported that global ransomware incidents surged by 150% in 2020, with the average extortion amount also doubling,”
Insurance Business Magazine offers advice for businesses to create an effective plan to mitigate their cyber risks. It is suggested to first assess potential risk and work to understand what loss exposures could come from a cyberattack. An organization will not be able to protect themselves if they are unsure what they are trying to protect - so this is a crucial first step to staying ahead of these attacks.
Once organizations determine what risks they face and what they are working to protect, they can then develop a plan to protect themselves. It is important to not overlook the basics when creating a protection plan. Exploit of software vulnerability is high on the list of the most common ways an attacker initially attempts to hack a system which is why it is important to implement basic cyber protection practices that could easily be forgotten.
An interview with Thomas Kang, head of cyber, technology and media for North America at Allianz Global Corporate & Specialty, offers more details on the basics in a plan to protect from cyberattacks. Kang suggested using a risk-based approach when creating an organization’s plan by using different levels of multi-factor authentication for different users who have varying levels of privilege. He further explains ‘zero trust concepts’ and how taking a risk-based approach to cyberattacks could offer a greater level of security.
The article on mitigating cyber risks also offers advice for managing the severity of a cyberattack if it were to occur even after taking these precautions. It is suggested to take steps such as regularly backing up data, and encrypting data. Ideally a protection plan will prevent a cyberattack from occurring at all, however this final part of the plan will proactively protect an organization from more severe ransom if a breach does occur.
For more ways to protect your business from increased cyber risk severity, read the full article here.