The Risk of Cyberattacks Increases — Again

The Biden administration came into office warning about the dangers of cyberattacks. For two years, it has emphasized the need for the government and the private sector to harden their cybersecurity defenses. In March, the federal government raised the threat level again, noting the likelihood of increased Russian cyberattacks against U.S. infrastructure and private enterprises.

Data Shows Corporation Cyberattack Increases

These warnings come during a continuing upswing in malicious activity. Check Point Research, a firm specializing in the collection and analysis of cyberattack data, notes that customers’ corporate networks saw a 50 percent increase in attacks per week compared to 2020. Q4 2021 saw the highest incidence of weekly cyberattacks ever, averaging 925 per organization.

Major cyberattacks, like those against SolarWinds, Microsoft Exchange and Colonial Pipeline, revealed the consequences of vulnerability. The across-the-board increase in the types of cyberattack and their penetration of virtually every industry is equally troubling. According to the SonicWall 2022 Cyber Threat Report, every type of cyberattack increased during 2021. Ransomware attacks rose by 105 percent to 623.3 million. IoT malware incidents rose 6 percent, to 60.1 million attacks. Intrusion attacks rose 11 percent to 5.3 trillion.

Given the increasing risk of cyberattacks, every company needs a proactive, ever-evolving approach to cybersecurity.

Effective Cybersecurity Starts with a Public-Private Partnership

The Cybersecurity and Infrastructure Security Agency (CISA) emphasizes the need for ongoing collaboration and information sharing between the government and the private sector. The federal government provides actionable intelligence, with briefings and advisories, and then leaves the cybersecurity response to individual companies.

In addition to sharing threat intelligence, the federal government recommends ways to respond. As part of its Shields Up initiative, CISA lists five critical steps for CEOs to improve cybersecurity:

• Empower your Chief Information Security Officer (CISO) — The CISO must be a part of any decision-making that involves risk. In addition, security investments should be a top priority.
• Lower your reporting threshold — Publish documented thresholds for reporting potential cyber incidents to senior management and CISA or the FBI. This identifies threats faster to limit damage.
• Test your response plan — Include senior management and board members in your tabletop exercises. Make sure everyone understands the process for managing cyber attacks within your company and supply chain.
• Focus on continuity — Investments in security and resilience should focus on systems supporting critical business functions. Make sure you can restore critical data quickly, with backups isolated from network connections.
• Plan for the worst — Have emergency measures in place to protect your company’s most critical assets. Be ready to disconnect high-impact parts of your network to limit the reach of a cyberattack.

These recommendations cover the fundamentals. Effective protection also requires a granular assessment of your company’s current state of cybersecurity in order to implement specific policies and processes to harden your defenses.

The Value of Ongoing Cybersecurity Risk Assessments

The assessment is not a one-and-done exercise, but rather an ongoing process, where you and qualified cybersecurity advisors zero in on emerging vulnerabilities and the resulting risk. The assessment identifies specific risks, determines their potential for damage and helps you prioritize steps for mitigation. This information, shared with all stakeholders, can improve your company’s response to cyber incidents.

Your assessment process should give you a detailed view of your most valuable IT assets. It should identify all potential cyber threats and pinpoint the data breaches that would disrupt business operations. The assessment should define the operational impact of a security breach. Once your organization maps out the potential damage, you can develop a playbook to contain and neutralize the cyberattack.

An ongoing, proactive approach is essential as long as you communicate or do business in the digital domain. The threat of Russian state-sponsored cybercriminals and other global non-state actors will continue to be a concern. These groups display remarkable ingenuity in their efforts to infiltrate networks and evade detection. Their ability to penetrate your organization will only grow with the rise of remote workforces, artificial intelligence and machine learning.

A Best-Practices Approach to Enterprise Security

A reactive approach to cybersecurity can be ruinously expensive. A successful cyberattack can inflict substantial damage to your bottom line, with financial, legal and reputational consequences. Rebuilding trust with your customers and suppliers will be a long, costly process — assuming they’re willing to move forward with you.

Windham Brannon’s cybersecurity practice can help you prevent the need for remediation. Our Cybersecurity Maturity Assessment (CMA) gives you a high-resolution image of the controls that protect your digital infrastructure, applications and data. This is a gap analysis, to define your current state and the path to your target state. We’ll show you the vulnerabilities in your policies, processes and controls. Next, we work with you and your organization to develop a best-practices approach to cybersecurity. This helps to ensure that your cybersecurity evolves with the changing digital landscape.

To learn more about the value of a CMA, talk to your Windham Brannon advisor.