Becoming Resilient to The Cyber Incidents of Today And Tomorrow

By Theresa Le, Chief Claims Officer, Cowbell

As cyber threats escalate and evolve worldwide, businesses must ensure their foundations are solid to withstand potential cyber incidents. Developing organizational resilience involves creating an environment capable of adapting and recovering both operationally and reputationally from a cyberattack. Today, threat actors are not only refining methods to infiltrate systems through the exploitation of both technical and human vulnerabilities but also enhancing their post-infiltration strategies. This heightened sophistication requires organizations to deploy a combination of diverse protective measures and strategic partners.

The Future of Ransomware Means Evolving Threats and Increased Risks

Threat actors are becoming more sophisticated and evolving their tactics to inflict the maximum damage. Specifically, threat actors are intensifying their research efforts by delving deeper into the organizations they target. There’s been a discernible shift from focusing on the quantity of data to now focusing on the quality of stolen information. By gaining access to and extracting the most valuable information, threat actors can command higher prices for the organization’s most sensitive data.

Beyond monetary extortion, tactics include public shaming on dedicated sites or within industries, or disclosing the breach to the victim’s customers and business partners. The personalization of attacks has escalated, with threats extending to victims’ families or a company’s board of directors. Recent instances reveal threat actor groups even involving government entities, contacting regulatory bodies like the SEC. The strategies seek to exploit the victims in sometimes bespoke disruptive personal, as well as professional ways.

Additionally, threat actor groups are demonstrating collective adaptability through the utilization of impersonation tactics or by emerging as secondary actors in hijacking activities. This collective adaptability poses a significant risk, as it can result in negotiations being taken over, leading organizations to unintentionally pay the wrong entities, or be forced to pay a ransom twice. Given the 97% surge in ransomware attacks throughout 2023 compared to the previous year, as reported by BlackFrog, it is imperative to adopt a proactive and resilient approach to mitigate evolving and increasingly impactful threats.

Addressing and Overcoming Threats

Organizations must conduct a risk assessment to pinpoint vulnerabilities and take action to shape their cybersecurity strategy to achieve optimal cyber hygiene. This process offers a snapshot of an organization’s current vulnerabilities and architecture, identifies any cybersecurity gaps, and then creates a strategy to address those gaps and implement measures to build resilience. Addressing identified weaknesses from these assessments is pivotal for better preparedness against potential ransomware and cyber incidents.

While cybersecurity strategies should align with an organization’s risk assessment, companies can enhance their defenses by adhering to fundamental best practices. This involves adopting Multi-Factor Authentication (MFA), deploying a Managed Detection and Response e (MDR) solution, keeping up with patching, maintaining good password hygiene, and having offline, regularly tested backups of data.

Additionally, an Incident Response Plan (IRP) should be implemented to outline all the steps that organizations need to take after a cyber incident occurs. Having an IRP will significantly reduce response time and help guide businesses in times of chaos. It is important to tailor the IRP to the organization’s structure and processes and test it regularly.

Utilizing a cyber insurance provider is a practical and strategic tool for cyber preparedness and response. The cyber insurance market is rapidly growing, projected to reach $29.2 billion by 2027. Cyber insurance providers are essential partners in preventing and addressing cyber incidents and ransomware attacks. They offer continuous support throughout the policy period, providing educational resources, solutions based on risk profiles, and alerts on vulnerabilities. In the event of an incident, these providers leverage their expertise to guide organizations strategically and efficiently, mitigating business interruption, liability exposure, and commercial impact.

Bringing it all Together

The cyber threat landscape is becoming more vast and dynamic every day, which presents challenges for organizations trying to keep up with best practices and trends. Staying ahead of these threats requires understanding the current landscape and adopting good cyber practices. Today, deploying smart cybersecurity strategies isn’t just a good idea – it’s crucial for keeping a business running smoothly and protecting its value.

About the Author 

Theresa Le, Chief Claims Officer at Cowbell is well-versed thought leaders in the insurance space, and together, these ambitious women bring over 30 years of experience in claims and underwriting. Theresa’s educational background in cyber law laid the groundwork for her career. Starting as a litigator, she eventually became VP at Swiss Re, as well as a Senior Claims Counsel at AXA XL. Theresa has extensive knowledge in claims, establishing robust claims strategies for companies in cyber, technology, and insurance over the past 5 years. As an established thought leader in the cyber insurance/claims space, Theresa makes it a priority to share her knowledge of the growing risks that insureds are facing as well as the steps organizations can take to recover from a cybersecurity incident. With Theresa’s leadership and in-depth expertise in cyber claims, Cowbell has established a vigorous cyber claims counsel and risk engineering team focused on helping customers assess and process their claims and mitigate any exposure that was faced. For more information, please visit https://cowbell.insure/.