Last October, cybersecurity company ESET announced some updates to ESET HOME Security and I was wondering if you’d like to take a look at the latest version of ESET’s consumer offering to do a new review which covers the new features?
To rceap, ESET HOME Security is an all-in-one security management platform, available across all major operating systems and covering all typical smart home devices. To complement the long list of existing layers of protection, including Antivirus & Antispyware, Firewall, Ransomware Shield, Anti-Phishing, Safe Banking, Safe Browsing, Password Manager, VPN and anti-theft, to name just a few, new features and upgrades have been added including:
New Dark Web Monitoring — ESET Identity Protection scours websites on the dark web, black market chat rooms, blogs, and other data sources to detect the illegal trading and selling of users’ personal information. ESET technology sends prompt alerts so users can take immediate action.
New ESET Folder Guard — This technology helps protect Windows users’ valuable data from malicious apps and threats, such as ransomware, worms, and wipers. Users can create a list of protected folders — files in these folders can’t be modified or deleted by untrusted applications.
New Multithread Scanning — Improves scanning performance for multi-core processor devices using Windows by distributing scanning requests among available CPU cores. There can be as many scanning threads as the machine has processor cores.
New Link Scanner — This feature improves ESET Mobile SecurityAnti-Phishing that, in general, blocks potential phishing attacks coming from websites or domains listed in the ESET malware database. The Link Scanner is an additional layer of protection for Android smartphone users that allows ESET Mobile Security to check every link a user tries to open, not only those coming from supported websites and social network apps.
Improved Gamer Mode — This feature is for users who demand uninterrupted usage of their software without pop-up windows and want to minimize CPU usage. The improved version allows users to create a list of apps automatically starting gamer mode. For cautious players, there is also a new option to display interactive alerts while gamer mode is running.
Improved Password Manager — ESET Password Manager now includes an option to remotely log out of Password Manager when it is logged in on other devices. Users can check their password against the password breach list and view a security report that informs users if they use any weak or duplicate passwords for their stored accounts. Password Manager has an integrated option to use third-party programs as an optional two-factor authentication (2FA).
Improved Cyber Security for Mac users — ESET HOME Security tiers for Mac users now have a new unified Firewall with both basic and advanced setup options in the main Graphical User Interface (GUI). This means the solution is tailored to the needs of users from basic to more advanced, without unnecessary settings.
These enhancements correspond to the increasing number of advanced, automated, and AI driven threats targeting individuals and address growing concerns about data privacy, ransomware attacks, phishing, and scams. ESET offers three subscription tiers to ESET Home Security, more information on what’s included can be found here.
Every 39 seconds a cyberattack is happening somewhere in the world. And, while cybercrime involving large organisations, like the HSE or Sony, makes headlines; in reality, small and medium businesses are three-times more likely to be victims of attack, due to weak defences.
Current cyber threats facing businesses in Ireland, and what can be done to manage them, is the subject of the annual Irish Reporting and Information Security Service cybercrime conference, in Dublin in November.
IRISSCON 2024 takes place on November 6th next, at The Aviva Stadium in Dublin, featuring expert speakers and delegates from all over the world, as well as the popular Cybersecurity Challenge, testing the skills of would-be hackers to break the system!
Jake Moore, global cybersecurity advisor for security software company, ESET, is a keynote speaker. With a 14-year background in the UK police force, in digital forensics and cybercrime, Moore now helps businesses bolster their cybersecurity, blending real-world crime insights and social engineering techniques, with advanced digital security strategy, to combat ever-evolving cyber threats.
Attackers have been known to spend over 200 days in an organisation’s network, unnoticed, before launching any sort of attack, he says.
“Once a hacker has breached an organisation’s network through unprotected endpoints, like a mobile phone, laptop or IoT device, it takes around one minute, 84 seconds on average, to move laterally and get deeper into the network.
“That is not a lot of time for any network security to react, and, once the harm is done, it takes 73 days, on average, to contain the breach. So, the objective is to prevent the network access in the first place.”
Ransomware and phishing attacks remain top threats, according to the ESET software developers. Cybercriminals use AI algorithms to analyse vast amounts of their target segments’ data. They look at social media profiles, online behaviour, recent purchases and other publicly available information to create very personalised phishing and social engineering attacks.
Your Voice is my Password
With Artificial Intelligence affecting every single industry, AI obviously benefits cybercriminals too, Jake Moore says.
“From text and image creation tools, to audio and video generation, the newest wave of cyberattacks is AI supercharged. New defences are needed to protect companies from this next generation of attacks.”
The ESET expert’s work with clients begins with some very telling practical examples of their vulnerabilities. Jake Moore has hacked businesses using AI voice cloning technology, stealing money, completely unnoticed, in minutes.
He has also, in the guise of work, hacked a police station. Having socially engineered his way into the police station, he was able to steal a laptop, break the encryption, hack into the entire network, and change the password of the Head of Professional Standards, without being caught.
Moore also engineered a targeted phishing attack, via LinkedIn, on the CEO of a company, illustrating how easy it is to manipulate people into handing over their account credentials, and data, using hacking tools widely available on the internet, (if you know where to look).
Simple social engineering techniques, like psychological manipulation, tricks users into making security mistakes, or giving away sensitive information, so the criminal can take over their email account, website, or even their life, the cybersecurity pro says.
A new survey from leading Irish IT managed services provider Auxilion reveals that data loss/theft and ransomware/malware attacks were the cybersecurity concerns most cited by IT leaders when it comes to the cloud – at 30% respectively.
The research, carried out by Censuswide and involving IT decision-makers across large enterprises in the Republic of Ireland, found that 40% of respondents see IT security risks as a main concern associated with adopting and managing cloud computing.
A similar proportion (42%) said that the changing cybersecurity landscape was one of the biggest obstacles to the successful delivery of their IT strategy. Moreover, one in four (26%) IT leaders in Ireland do not think current laws and regulations are sufficient to protect privacy, access, and confidentiality in a cloud-based environment.
Adding to this, almost a quarter (24%) of IT decision-makers surveyed who are currently using the cloud do not think their own organisation has sufficient capabilities to manage cloud computing and more than a third of those respondents admitted to having little or no visibility of their workloads in the cloud (36%).
Despite this, some 83% consider cloud to be a more secure approach for their organisation. It appears that IT leaders are being proactive in this area with 83% also having a cloud security strategy in place and 73% currently using a technology partner to manage their cloud strategy and services.
The study also found that the shift to cloud is set to continue with nearly all respondents (96%) expecting to migrate more workloads, applications, and processes to the cloud over the next 12 months.
On October 9th, Auxilion, HPE and Zerto will be holding an event hosted by broadcaster Ivan Yates to discuss the increased need for robust data protection, cloud security, and business continuity capabilities.
Donal Sullivan, CTO, Auxilion, said: “While the cybersecurity landscape is constantly evolving, organisations are facing an even bigger uphill battle at the moment with the rise of threats enabled by Artificial Intelligence and the introduction of the European-wide NIS2 regulation in October.
“This means businesses not only need to be more proactive when it comes to securing their data and responding to incidents, they also need to ensure that they are meeting their compliance and regulatory obligations. This requires the right technologies and partners that can support security, mobility and scalability.
“The truth is that in this day and age, resilience and recovery are as important as detection and prevention when it comes to cybersecurity. Businesses which fail to recognise this and adapt their strategy could be at risk operationally, reputationally and financially.”
Chris Rogers, Senior Technology Evangelist, Zerto, said: “Rapid recovery from a cyber incident is more than a reactive measure – it’s a critical component of a resilient and forward-thinking business strategy. The ability to swiftly bounce back from disruptions not only minimises downtime but also safeguards reputation, customer trust, and bottom line.
“The real competitive edge lies in turning these challenges into opportunities for growth and innovation, and partnering with experts to unlock advanced cyber resilience capabilities can significantly accelerate an organization’s journey to cyber maturity.”
In today’s data-driven world, cyber security is more important than ever. Despite the uncertainty of recent times, businesses and organisations in Ireland are still transforming at speed.
Technology remains at the very centre of Government efforts to foster innovation and economic growth. The latest national digital strategy sets out a range of ambitious targets to ensure that three in four Irish businesses adopt Artificial Intelligence, Big Data and Cloud by 2030. 90% of services are also due to be consumed online by the end of the decade.
While these targets are welcome and, moreover, necessary to make sure Ireland harnesses the full potential of the very latest technologies, it’s also the case that an increase in digitalisation brings with it a corresponding increase in the threat of cyber-attacks.
Evolving cyber threats
Over the past year, we have seen several high-profile cyber incidents here in Ireland that reinforce the need for small and large businesses across the public and private sector in Ireland to enhance their cyber resilience. Indeed, in 2022 alone, the total cost of cybercrime is estimated to have surpassed €10bn.
As cyber-crime becomes more prevalent so do the sorts of attacks levelled at businesses become more insidious. The Garda National Cyber Crime Bureau and National Cyber Security Centre (NCSC) warned about an increase in ransomware attacks against small and medium sized businesses (SMEs) over the past few months. In recent weeks, the National Cybersecurity Coordination and Development Centre has been created to help strengthen SME cyber resilience.
The problem is that the ability to protect an organisation’s data has become increasingly difficult with some SMEs overwhelmed. A shift to hybrid working has given malicious actors new opportunities to target vulnerable remote workers while phishing attacks and email thread hijacking have been on the rise.
Business leaders are beginning to react, with nine in ten business leaders now recognising the vital importance of building the cyber resiliency of their firm. From Zero Trust frameworks for the verification, assurance and protection of data to robust response and data recovery plans, Irish leaders are turning to new technologies and new technology models to strengthen their cyber security.
Importance of culture
However, cybersecurity is just as much, if not more, about people than technology.
In tandem with technology solutions, there needs to be a cultural shift within businesses that recognises the importance of cyber security. This comes from the top of the organisation and filters through down to all levels and departments.
Business leaders are actually the first line of defence. By setting the tone and the culture for cyber resilience within an organisation, leaders play a vital role in putting cyber security at the very heart of business strategy and workforce development.
A key component of this is influencing employee behaviour around cyber resilience in the workplace – empowering their people with the latest training and skills to become role models and champions of the best cyber security practices.
While the latest intelligent tools and data protection services will always play a critical role, they are just one key part of an overall strategy that recognises how everyone within the business needs to work together to ward off cyber threats.
Whole of organisation approach
This particularly applies to those teams who are developing new products or services. By integrating cyber security into both their products and practices, these teams can help to close the loop on cyber security for their own business and that of their customers.
In this way, leaders can better embrace a comprehensive approach to cyber risk mitigation that goes beyond mere threat detection. Rather, they can ensure that cyber security plays an integral role in an organisation’s overall business strategy from the very beginning and is considered in any future digital transformation initiatives.
At Dell Technologies, we’re seeing more organisations across both the private and public sector treat cyber security as an integral component of their overall digital transformation strategy. When setting out to build a consistent digital learning experience for its 34,000 students and staff in a hybrid world, Ulster University tapped into Dell’s team of cyber experts to enhance its cyber resilience.
Protecting Ireland’s most critical data
With AI, 5G and Edge Computing developing at pace, Ireland has a unique opportunity to become a world leader in a range of emerging technologies. However, if we are to reach our 2030 digital targets, we need to continually ward off the latest cyber threats and protect Ireland’s reputation as a digital hub both in Europe and beyond.
At Dell Technologies, we are continually working to help Ireland remain one step ahead of cyber threats. Through a €2m investment in our new Customer Solutions Centre in Cork, we’re looking to provide the essential infrastructure for organisations to protect their most important information assets and help strengthen the city’s location as a cyber security hub.
But, as cyber threats become more sophisticated and costly, business leaders need to become the front line of defence on this journey.
That means placing a strong focus on building a culture where cybersecurity is everyone’s responsibility and where their people have the skills to enhance cyber resilience within their organisation. By fostering that culture, leaders of large, medium and small businesses can not only protect themselves against the increasing threat of cyber-attacks but can reduce business disruption and recover more quickly “when” and not “if” an attack occurs in the weeks and months ahead.
Nearly anyone can be a victim on the cyber battlefield, including celebrities. The personal data of Madonna, Bruce Springsteen, Lady Gaga, and Elton John was stolen from Grubman Shire Meiselas & Sacks (GSMS), and because GSMS refused to pay the ransom in full, much of the information ended up for sale on the internet. Even though the FBI got involved and GSMS hired private individuals to recover the data, only some of it was reclaimed.
Then, they threatened to publish the data if GSMS didn’t pay the ransom within a specified time frame
A ransomware attacker can gain access to your system through a number of ways, including guessing an employee’s password, using malware to infiltrate your network, email spoofing, or spear phishing, which is explained in this video by Cisco.
While cyber insurance cannot prevent a ransomware attack, there’s a lot it can do if you find your systems hacked and your data held for ransom. But each attack—and insurance policy—is different.
Below, we’ll discuss how cyber insurance works, how it can be used to reduce the impact of ransomware settlements, what it covers, and the trends shaping the cyber insurance industry.
What Is Cyber Insurance and Who Needs It?
An organization can obtain cybersecurity insurance, also known as cyber liability insurance or cyber insurance, to help mitigate internet-related risks such as ransomware and other forms of cyberattack. The insurance contract transfers some of the risks to the insurer in return for a monthly or quarterly payment.
Cyber insurance benefits companies that produce, store, and handle electronic data online, such as credit card details, client contact information, and consumer purchases. It can help pay for the costs of reclaiming data in case it gets stolen. Cyber insurance is also an advantage for e-commerce companies because downtime resulting from a breach may result in lost clients and sales.
Can You Minimize Ransomware Settlement Exposure with Cyber Insurance?
Ransomware attacks are becoming more prevalent. And because no company is too big or small for malicious actors, it’s only a matter of time before an organization gets attacked—which is why many companies purchase cyber insurance in the first place. They don’t want to single-handedly shoulder the costs of an attack. Ransomware payments can be excessively costly, and some cyber insurance policies may cover the entire amount demanded by hackers.
But insurance companies are starting to tighten their requirements. In a threat landscape that sees ransomware attacks consistently topping the list of threats—not to mention ransomware demands increasing—before they grant or renew coverage, they now take steps to make sure businesses have basic cybersecurity protections in place. Absent these protections, they either deny coverage or charge higher premiums.
As experts from FortiGuard Labs observed in this video about ransomware and ransomware settlements, attackers are now more advanced and persistent, and they’re “more like nation-states.” And that’s because ransomware attacks provide a consistent stream of revenue for them.
What Does Cyber Insurance Cover?
In addition to costs and legal fees, cyber insurance often assists with:
Restoring data from hacked systems and fixing broken computer systems
Notifying customers of a data breach
Protection against data compromise, which includes services from a public relations agency and providing credit monitoring for customers
Identity recovery protection for victims of identity fraud
Protection against harm caused by a virus or computer attack
When a data breach involves personally identifiable information (PII), most states require businesses to notify customers, and this can get costly. But because cyber insurance may cover this expense, a company can go the extra mile for customers that may have been impacted.
Cyber insurance may also cover the amount you send to an attacker as part of a ransomware settlement. In some cases, the insurance company may also help offset the costs of hiring a negotiator. In addition, cyber insurance may reimburse the money you spend to fix your systems. This may be the case if you’re hit with a wiperware attack, for example, which can destroy the data critical to your digital infrastructure.
What Cyber Insurance Can Do After an Attack
To illustrate the impact cyber insurance can have after an attack, consider the following example:
Suppose you’re the chief information security officer (CISO) at a large retailer, and your company gets hit with ransomware. The attacker demands that you pay $25 million in exchange for getting your systems back online. The following systems have been taken over by the attacker, and they’re currently useless:
Your website
Your e-commerce systems
Computers belonging to the accounting department
Your billing system
The digital infrastructure that handles product sourcing
Your company is losing thousands of dollars every minute, but after reaching out to the FBI, you’re advised not to pay the ransom. Desperate, you decide to hire a negotiator. They spend hours going back and forth with the attackers, adding to the expense of the attack.
Because you take too long to pay up, the attackers use wiperware to destroy the data on your email server, which also handles your e-commerce solution.
Eventually, the negotiator reaches a settlement with the attackers, and they agree to accept $5 million. You’re given control of the surviving computer systems again. But you soon learn that customer data had been stolen and was being sold on the dark web.
In this case, here’s what cyber insurance could cover:
The $5 million you paid to the attackers
The negotiator’s fees
The cost of restoring your web assets, including your e-commerce tools
Expenses associated with reaching out to customers to inform them of the breach and what you’re doing about it
Legal costs you incur because customers are suing you for compromising their information
The costs of free credit reports you will now provide for three years to customers whose data had been stolen, just in case the hackers—or those they sell the information to—use customers’ information to make illegal purchases
While it would be rare for companies who’ve gone through an actual attack to reveal in detail how cyber insurance helped with their expenses, the above example is certainly feasible. Naturally, the benefits to cybercriminals are significant, and this has given rise to some interesting developments that directly impact the cyber insurance industry.
Trends in Cyber Insurance
Cyber risks are intricate and constantly changing. Attacks are becoming more frequent, with costs reaching millions of dollars. High-profile incidents like the Colonial Pipeline attack have been dissected and discussed far and wide, resulting in shifts in the cybersecurity insurance industry. Below is a list of some of the trends that are defining—and will continue to define—the cyber insurance space.
As incidents gain wide media coverage, incidents become more frequent and serious
More severe fines for data breaches can be anticipated in the future as data protection legislation begin to take shape around the world
Intellectual property theft, business interruption, and cyber extortion will continue
Vulnerable critical infrastructures pose a serious concern
Cybersecurity isn’t foolproof
Can Cyber Insurance Save the Day?
Even though cyber insurance may absorb much of the impact of a ransomware attack, it won’t cover other losses—for example, customers choosing to stop doing business with your company or potential business partners suddenly backing out of deals.
So while cyber insurance will greatly help with costs, you still need to bolster your cybersecurity defenses, such as updating your security solutions, properly configuring your firewalls, performing frequent backups, and conducting regular employee education. Doing so reduces your chances of exposure to an attack—which, in turn, reduces the likelihood of your company paying hefty ransomware settlement amounts. Learn what cyber insurance covers and if you can use it to minimize your exposure to ransomware. Discover the latest cyber insurance trends.
HP today released its 2021 predictions on how security threats – such as human-operated ransomware, thread hijacking, unintentional insider threats, business email compromise and whaling attacks – are set to increase in the next 12 months.
“Organizations have had a tough 2020, and in Ireland specifically, the financial services and healthcare sectors have been particularly vulnerable to attacks. The shift to remote working has widened the attack surface and made life even more difficult for security teams, meaning the days of the hardened perimeter are behind us. Now, more than ever, organizations need to shift their focus to delivering protection where it is most needed: the endpoint. Over the course of 2020, we have seen hackers become increasingly targeted, while also using sophisticated lures to trick users into engaging in risky behaviours. Over the next 12 months we will see more of the same, with targeted and sophisticated attacks directed at users and endpoints,”
Gary Tierney, Managing Director at HP Ireland. “Organizations cannot afford to close their eyes and hope for the best in 2021, which is why it’s critical that they adopt a protection-first approach to endpoint security to keep them a step ahead of cybercriminals.”
HP’s cybersecurity experts including – Julia Voo, Global Lead Cybersecurity and Tech Policy; Joanna Burkey, CISO; Boris Balacheff, Chief Technologist for Security Research and Innovation at HP Labs; Dr Ian Pratt, Global Head of Security for Personal Systems; and Alex Holland, Senior Malware Analyst – and experts from HP’s Security Advisory Board – Justine Bone, CEO at MedSec; and Robert Masse, Partner at Deloitte – all gave their predictions for the year ahead.
Weakened organizational security will lead to more unintentional insider threats
The dramatic changes to how we work in 2020 and the shift to remote working will continue to create challenges, says Julia Voo: “COVID-19 has weakened organizational security. Remote access inefficiencies, VPN vulnerabilities and a shortage of staff that can help the business adapt means data is now less secure.” From a cybercriminal’s perspective, the attack surface is widening, creating more opportunities, as Joanna Burkey explains: “We can expect to see hackers identifying and taking advantage of any holes in processes that were created, and still exist, after everyone left the office.”
Boris Balacheff points out that this also means that home devices will be under increased pressure: “We have to expect home infrastructure will be increasingly targeted. The scale at which we operate from home increases the incentive for attackers to go after consumer IoT devices and pivot to business devices on the same networks. And as we know, if attackers are successful with destructive attacks on home devices, remote workers won’t get the luxury of having someone from IT turning up at their door to help remediate the problem.”
Burkey also believes there will be more unintentional insider threats: “With employees working remotely, the lines between work and personal equipment are blurred, and innocent actions – such as reading personal email on a company machine – can have serious consequences.” Overall, the pandemic has increased the risk of employees making errors, as Robert Masse explains: “If you view the pandemic as a war experience, then organizations will be dealing with employee burnout. This can lead to an increased risk of errors in judgement.”
Human-operated ransomware attacks will remain an acute threat
Ransomware has become the cybercriminal’s tool of choice, and this is likely to continue in the year ahead, comments Burkey: “What we’ll see is a rise in ransomware-as-service attacks where the threat is no longer the ‘kidnapping’ of data – it’s the public release of the data.”
The rise of ransomware has fueled the growth of an ecosystem of criminal actors who specialize in different capabilities needed to pull off successful attacks. Malware delivered by email, such as Emotet, TrickBot and Dridex, are often a precursor to human-operated ransomware attacks. “To maximize the impact of an attack, threat actors use their access to compromised systems to deepen their foothold into a victims’ networks. Many crews use offensive security tools to gain control of a victim’s domain controllers, which are often the best point in a network to deploy ransomware,” explains Dr Ian Pratt.
This trend is of particular concern to those in the public sector, as Alex Holland explains: “The rise of ‘double extortion’ ransomware, where victim data is exfiltrated before being encrypted, will particularly hurt public sector organizations, who process all manner of personally identifiable information. Even if a ransom is paid, there is no guarantee that a threat actor won’t later monetize the stolen data.”
Greater innovation in phishing will see thread hijacking and whaling attacks
In 2021, there will be more innovative phishing lures designed to trick users and make attacks harder to identify. “The most innovative mass phishing technique we see is email thread hijacking, which is used by the Emotet botnet. The technique automates the creation of spear-phishing lures by stealing email data from compromised systems. This data is then used to reply to conversations with messages containing malware, making them appear very convincing,” explains Dr Ian Pratt. We can also expect to see more of these attacks targeting individuals working remotely, says Justine Bone: “Thanks to everything relying on strong authentication, as opposed to in-person presence, there is more opportunity for hackers to engage in social engineering to trick employees into divulging credentials.”
The prospect of continued social isolation has encouraged people to share more personal information online, which cybercriminals can weaponize. “Whaling, a form of highly targeted phishing attack aimed at senior executives, will become more prominent with cybercriminals able to take personal information shared online to build convincing lures leading to business email compromise fraud,” comments Masse. Many of these phishing emails will continue to exploit people through fear, according to Voo. “New fears will be used to drive people to open malicious emails – whether it’s COVID vaccines, financial concerns related to the lockdown and any political instability.”
Hackers will tailor attacks to target specific verticals – in particular, critical infrastructure, pharma and healthcare, Industrial IoT and education
One of the most at-risk verticals in 2021 will be healthcare. “Healthcare has been a perfect target – society depends on it and these organizations are typically under-resourced, change-averse and slow to innovate. Education also fits this criterion and could be another prime target,” says Bone. However, this threat extends beyond hospitals and doctor’s surgeries into more critical areas. “Due to the race to develop a new vaccine, pharmaceutical companies and research facilities will also continue to face adverse risk,” comments Masse.
But the next 12 months will also see other targets come into consideration for hackers. “Car makers, particularly EV companies, will become bigger targets as they grow in prestige and profitability, and we can also expect to see critical infrastructure and the Industrial Internet of Things continue to be in hackers’ crosshairs,” explains Masse.
Zero trust is here to stay, but needs to be implemented in a way that is transparent to the user
Zero trust as a concept isn’t new, but the increase in remote working means that it is now a reality that organizations need to accept. “The traditional ways of securing access to the corporate network, applications and data are no longer fit for purpose. The perimeter has become obsolete. Over the years the workforce has become more dispersed, and SaaS adoption has risen – this means critical data is being hosted outside the enterprise firewall. The time has come for organizations to start protecting against the unknown, which means utilizing zero trust, but in a way that is transparent to the user,” comments Pratt.
COVID-19 will be a key driver behind zero trust adoption and also means we’ll see greater innovation in this area. “Zero trust is the best defensive approach for enabling remote working, but for identity and access management to be seamless it needs to be easy to use. Quality authentication methods are a key enabler of zero trust, which is why technologies such as biometrics will be expected by end users in the future,” comments Bone.
A new approach to security is needed
“2020 demonstrated that is has become critical to manage highly distributed endpoint infrastructure,” comments Balacheff. “Organizations need to accept that the future is distributed. Everything from remote workers’ devices to industrial IoT devices have become the new frontlines of the cybersecurity battleground in our increasingly cyber-physical world. To meet this challenge, organizations need to re-think their security architectures and controls, and embrace the necessary innovation in technology and processes to help them support this new environment. For example, modern hardware technology exists that can help not only protect but also recover employees remotely and securely in the face of destructive attack like those we have seen in the last few years.”
“Organizations face a huge security challenge in the year ahead, with cybercriminals becoming savvier about how to extract the most value out of victims,” comments Ian Pratt. “Relying on detection alone will only result in an unsatisfactory outcome for the organization, so a more architecturally robust approach to security is required; one that builds protection in from the hardware up. Hardware-enforced technologies like micro-virtualization are transparent to the end user – this means they can click on email attachments and download files as they normally would, but are safe in the knowledge that if anything is malicious, it is rendered harmless. This protection-first approach leaves hackers with nothing to steal and no way to persist, helping organizations to deal with the variety of threats 2021 and beyond will throw at them.
A recent global report by Hiscox Insurance has found that 41% of Irish firms had experienced at least one cyberattack event in a six month period from September 2019 to February 2020. These are among the findings of a study of 5,569 companies across eight countries that was commissioned by insurer Hiscox, which includes Irish data for the first time.
The report revealed that 6.5% of Irish firms paid a ransom following a ransomware attack.
The total cost of cyber incidents and breaches among the 335 Irish companies in the Hiscox Insurance study group was over €113m, the second lowest total of the eight countries surveyed. Despite this, of the 125 Irish companies that suffered a cyber breach, Ireland also had the highest median cost (€91,860). One Irish company suffered total cyber losses of €17.8m, with the largest single event costing approximately €4.5m.
The most heavily targeted sectors were financial services, manufacturing and technology, media and telecoms with 44% of firms in each sector reporting at least one incident or breach.
The Hiscox Cyber Readiness Report, now in its fourth year, surveyed a representative sample of private and public sector organisations in the US, UK, Belgium, France, Germany, Spain, the Netherlands and Ireland. Each firm was assessed on its cyber security strategy and execution, and ranked accordingly.
Irish companies are ahead for most cyber spending categories for the coming year, and by some margin, in enhancing disaster recovery capabilities, improving the security of customer-facing services and apps, and enhancing top management engagement in cyber policies and procedures.
Ireland also tops the table for the percentage of companies expressing confidence in their IT and security readiness (70% and 66% respectively). They are also most likely to have a standalone cyber insurance policy (38%).
Patrick Mettler, Head of Sales and Distribution for Hiscox Insurance Ireland said; “To have an Irish snapshot in the Hiscox global survey on Cyber Readiness gives us a great insight. It is shocking to see so many Irish companies suffering a cyber attack and likewise the number of businesses that have paid a ransom following a malware infection is chilling.
There is, however, one very positive message from this year’s report. There is clear evidence of a step-change in cyber preparedness, with enhanced levels of activity and spending. Take-up of standalone cyber insurance remains patchy, but this report is a reminder that firms are many times more likely to have a cyber incident than either a fire or a theft – for which most automatically insure.”
The global picture for Cyber Readiness is a lot more encouraging. While losses increased, the proportion of businesses targeted fell from 61% to 39%. Cyber losses among businesses targeted in the past year have risen nearly six-fold, from a median €8,900 per firm to €50,732. But there are signs that firms are responding with more rigorous security measures and higher spending, to combat the loss, which increased by 39%.
Key Findings:
335 – number of companies surveyed in Ireland
41% of Irish Firms reported at least one cyber event in the last 6 months
6.5% or 22 firms paid a ransom following a ransomware attack
The total cost of all cyber incidents and breaches among the 335 Irish companies was €96million
The largest Cyber incident or breach reported cost the firm approximately €4.5 million
Irish firms were ahead of the rest in terms of spending on Cyber protection
On average, Irish businesses spent 13% of their IT budget on Cyber Security
One quarter of firms (24%) ranked as Cyber readiness experts and are most likely to have either a dedicated head of cyber security or a dedicated team (89%)
38% of firms say they have specialist cyber insurance cover
18% of businesses responded with ‘don’t know’ when asked if they had experienced a Cyber event.
5% of businesses stated they do not back up their critical data.
Global Key insights;
5,569 professionals responsible for their organisation’s cyber security strategy were surveyed
The number of firms affected by a cyber event this year fell considerably, from 61% to 39%
Total cyber losses among the affected firms were $1.8 billion – up from $1.2 billion the previous year
More than 6% of total respondents paid a ransom to an attacker. Their combined losses came to $381 million.
Firms increased their cyber security spending by 39%. Expert firms spent more and plan to go on doing so
15% of businesses reported difficulty attracting new business, following a cyber crime incident
Twice as many firms responded to a breach by adding new security and spending more on employee training
