With the increased incidence of “social engineering” tactics like phishing, people have become one of the biggest security risks for organizations of all types.
There are two sides to cyber risk that brokers should understand when selling a cyber policy.
One gets talked about the most (at least by vendors who sell cybersecurity solutions): IT defenses. That means being prepared to keep out snooping hackers with technology solutions like firewalls and encryption, monitoring to know when an attack is taking place, and defense plans to take action when you are being attacked.
The other side of cyber risk is less sexy because it has no easy solutions. That is the people: your clients’ employees, their business partners, and their clients. With the increased incidence of “social engineering” tactics like phishing, people have become one of the biggest security risks for organizations of all types: government and private industry; high-tech and old-school; large and small.
After many high-profile reports of social engineering in the past few years, there has been a surge in organizations providing information and training for their employees, teaching them to look out for these social engineering tactics. Perhaps you’ve sat through a mandatory webinar yourself. Those efforts are starting to pay off, as surveys this year have started to show reductions in self-reported risk in categories that include phishing and social engineering. Yet the continued prevalence (and success) of malware and phishing points to the limitations of training and education. Cybercriminals aren’t giving up so fast.
In fact, your client’s technical defenses can directly impact social engineering risk. Criminals go after companies they can identify as having low defenses because they are less likely to have adequate training programs in place. Often the victims in these situations are smaller companies without dedicated IT resources to provide proper education and protocol to their employees. At the other end of the spectrum, larger established companies whose sheer scale prevents them from being able to take advantage of the most up-to-date IT defenses can provide fertile ground because their organizational complexity is easy to exploit.
Whatever category your client falls into, there are steps they can take to mitigate risk.
With social engineering and phishing, your “defenses” are a combination of your technical defenses and of your people. At Corvus, we review your IT setup and identify any gaps that could lead to greater vulnerability (this is included in our Dynamic Loss Prevention reports). Any business should cover 5 key aspects to both prevent and mitigate the impact of “people risk”:
Look out for rogues. What looks like a social engineering incident is not always an accident; sometimes the call is coming from inside the house. Monitoring internal employee sentiment may help your client identify trends in morale that may lead to disgruntled employees before a cyber event occurs. This could involve using reports that gather data from sites like Glassdoor and LinkedIn to help your client know when their risk is highest.
Monitoring Dark Markets
Cyber insurance policies typically offer coverage for the types of social engineering exploits that lead to losses for your clients. The best policies go beyond coverage and help to inform the policyholders’ strategy for preventing losses. Many of the services mentioned above come as a value-add with cyber insurance policies, such as phishing testing, monitoring of company employee sentiment, evaluation of your IT team staffing, and dark web monitoring. Cyber insurance also helps clients navigate the stressful situation of dealing with a breach, including finding third-party resources to help.
Perhaps you’re seeing the conclusion here: gathering data on how risky your client’s business is and having a response plan in place are key to ensuring that the right level of effort is taken to mitigate risk and prevent loss.