Ransomware is still one of the top cyber risks for businesses, although there are new threats emerging. According to the Allianz Global Corporate & Specialty Cyber Report, ransomware attacks are impacting both big and small businesses. The recurrence of email attacks is also increasing and compromising businesses.

Cyberspace risks

Ransomware remains a top cyber risk globally and the war in Ukraine and wider geopolitical tensions are concerns as it could impact the cyberspace. This can  cause targeted attacks against companies, infrastructure or supply chains, according to a new report from Allianz Global Corporate & Specialty (AGCS).

The cyper threat landscaped are thus reshaped and increasing the risk of espionage, sabotage and destructive cyber attacks against companies with ties to Russia and Ukraine, their allies and neighbouring countries. This can lead to state-sponsored cyber acts and could potentially target critical infrastructure, supply chains or corporations.

Rearing trends

The insurer’s annual review of the cyber risk landscape sheds light on rearing trends posed by the growing reliance on cloud services, an evolving third-party liability landscape, the heightened risk of state-sponsored attacks, a shortage of cyber security professionals and cyber governance under increasing environmental, social and governance (ESG) security.

Potentially susceptible companies’ cyber security resilience is inspected more than ever by global investors, confirming it is the major ESG risk concern.

According to Scott Sayce, the global head of cyber at AGCS and group head of the Cyber Centre of Competence, Ransomware and phishing scams are extremely active and there is the prospect of a hybrid cyber war. “Most companies will not be able to evade a cyber threat, however, organisations with good cyber maturity are better equipped to deal with incidents.”

  •  Companies need to strengthen their cyber controls, especially with IT security training, better network segmentation for critical environments, and cyber incident response plans and security governance.”
  • Companies must focus on creating a sustainable cyber insurance market as ransomware attachs are more frequent.
  • Keeping in mind in 2021 there was a record 623 million attacks, double that of 2020.

Companies with critical infrastructure targeted

There was a global frequency decrease in the first half of 2022, but ransomware can cost organisations billions of dollars globally by 2023 – especially in larger companies with critical infrastructure and supply chains, as they are targeted by criminals.

Sayce explained that criminals have honed their tactics to extort more money:

  • *Sensitive data is increasingly stolen and used as leverage for extortion demands to business partners, suppliers or customers.
  • Ransomware severity is likely to remain a key threat for businesses, fuelled by the growing sophistication of gangs and rising inflation. This is reflected in the increased cost of IT and cyber security specialists.
  • Smaller and mid-sized companies targeted by gangs as they often lack resources to invest in cyber security.

Sophisticated scams

Gangs are using several harassment techniques and customising ransom demands; and are using expert negotiators to maximise returns. Even virtual meeting platforms are used to deceive employees to share sensitive information or even transfer funds. Increasingly, these attacks are enabled by artificial intelligence enabling “deep fake” audio or videos that mimic senior executives.

Cyber threat trends

Some of the trends include:

  • Hackers target vulnerable supply chains: Supply chain attacks (critical infrastructure and cloud services) are especially vulnerable. 
  • Cloud outsourcing: Companies continue to store data on the cloud, despite growing security concerns.
  • Third-party liability (including fines and penalties) is becoming more relevant with advances in technology, organisations collecting more information and enforced data privacy regulation.
  • Shortage of professionals: Delayed efforts to improve cyber security.
  • Cyber security increasingly seen through the ESG lens: Companies’ cyber security resilience is scrutinised by stakeholder groups and cyber security considerations are incorporated into the ESG risk-analysis frameworks of data providers, ensuring a company’s cyber processes and policies are understood and that risk monitoring processes are in place.

Essential risk management

It is essential for companies to improve their security and risk management controls. Sayce says that they are gaining better insights and appreciate clients who provide comprehensive data. “This helps us to improve risk management and response approaches, resulting in less significant cyber events for our customers and fewer claims for us. The collaboration will also help in creating a long-term sustainable cyber insurance market.”

What it means for business

It is essential to apart from the previously sufficient Antivirus Software, to protect your business against cyber attacks and using higher-grade protections. This may mean another expense to keep up with emerging trends and evolving risks to enable and manage your increasingly vulnerable systems.

Full acknowledgement and thanks go to www.agcs.allianz.com for the information in this editorial.

Knowledge is power! Sign up for our newsletter: https://www.buildinganddecor.co.za/  Subscribe to our free magazine on http://tiny.cc/fwsubs or join other discussions on http://www.facebook.com/buildinganddecor, http://www.twitter.com/buildingdecor and https://www.linkedin.com/showcase/10172797/

Subscribe to our Community👇

Stay Inspired, Stay Educated, Stay Informed.

This is how people in the built environment do it!

By subscribing you agree to receive our promotional marketing materials. You may unsubscribe at any time. We keep your data private.