Every company, regardless of its size, has a list of concerns it must deal with: the sustainability of its business, future profitability, competition, possible changes in the sector, regulations… These days, there is one other subject that is taking on an increasingly important role in organizations’ strategy: cybersecurity and how to avoid cyberattacks.
This is made clear by a report called Regional Risks for Doing Business 2019, published by the World Economic Forum. For this report, 12,900 company executives from all over the world were interviewed about the main concerns they had regarding the risks their companies are facing.
The report reveals a striking fact: technological risks are the only category identified as one of the top five concerns for all groups interviewed. Cyberattacks are, in fact, shaping up to be the main risk for executives in Europe and North America, as well as for those in leading national economic powers such as the USA, Germany, the UK, France, Italy and Canada.
New ransomware strains_
These directors’ concerns about their organizations’ cybersecurity isn’t simply down to known cyberattacks; above all, it is due to the fact that, over time, cyberattackers switch up and develop their strategies. One clear example of this is ransomware. Losing data, files, or confidential information, or putting it within reach of malicious parties, could lead to dire consequences for any organization. It could also result in IT, healthcare, social or even critical infrastructure systems being stopped from working correctly, hindering their activity.
Some countries have already suffered at the hands of this kind of attack in 2019. The ransomware LockerGoga was used to attack important industrial and manufacturing companies in France, Norway and the USA, while American cities such as Atlanta, San Antonio and Baltimore have seen their pubic services compromised. The European Central Bank also had to close an external website in August after its subscribers’ personal data was exposed. But we cannot forget that major global ransomware attacks are synonymous with one incident: WannaCry, the effects of which are still being felt in some companies. The latest signs of a reactivation of this wave of ransomware that has been detected over the last few months was seen in Spain; several companies in different sectors were targeted with ransomware. As with all incidents of this kind, there is always the temptation to seek a quick fix to the problem by paying the ransom.
The biggest concern, however, for these countries with regards to ransomware is yet to come: Canada was concerned that its federal elections back in October could have be mired by this kind of cyberattacks, while the United States could find itself in a similar situation when the 2020 presidential elections roll around.
At this point, it is important to remember that paying the ransom in no way guarantees that any files files will be recovered; more often than not, after paying up, we’ll be asked for more money, and end up financing and encouraging this kind of activity.
The danger of data theft_
Ransomware is not the only reason that companies need to be on the lookout. Another pressing concern is any kind of data breach, whatever form it may take. Previous incidents serve to underline this fact: back in July, the bank Capital One suffered a security breach that gave a cybercriminal access to the data of millions of customers and credit card applicants, as well as their Social Security data.
This is by no means an isolated case. By September the Spanish Data Protection Agency had already registered 688 security breach notifications since the start of the year, a year that started with the discovery of the largest ever collection of leaked personal data, known as Collection #1.
Protection and prevention on the endpoint_
When it comes to this kind of malicious activity, attackers still have one main goal in mind: the endpoint. This is where the most sensitive information is to be found, and where they can compromise the credentials that will allow them to make lateral movements to get onto other networks and systems.
To prevent, detect and avoid this kind of cyberattack, it is vital for companies and public institutions to have complete control of everything that happens on their IT systems. They also need advanced cybersecurity solutions to avoid any kind of intrusion. This is exactly what Cytomic Platform does; it processes large volumes of data, events and scaled threat intelligence with artificial intelligence algorithms. The aim of all of this is to reduce the attack surface, prevent, detect and respond to any kind of cyberattack, carried out with known or unknown malware, including ransomware.
Thanks to a Zero Trust model, Cytomic Platform registers and validates 100% of process before they run. These levels of visibility and control enhance our prevention, detection and response capabilities, protecting all of our customers against next generation attacks. Because simply reacting is no longer enough. Any organization that wants to protect their cybersecurity efficiently must work proactively to minimize all risks.