Cybersecurity risks and how to manage them
The Sunburst attack uncovered in December 2020 illustrates the magnitude of the cybersecurity challenge. Hackers were able to breach some of the United States’ top government agencies as well as those of other organisations around the world by compromising updates from one of their software suppliers, SolarWinds. Organisations might make use of hundreds if not thousands of third-party suppliers and contractors through which they could be breached. (Solar Wind has denied knowing about its customers’ vulnerabilities.) A cybercrime group known for targeting banks would likely attempt similar attacks on an IT systems firm that provided services like electronic accounting records or identity management tools, while a data leak being delivered over email delivery servers can still create significant damage once it reaches someone’s inboxes: even with encryption technology enabled, emails sent via Gmail will remain readable because text is just part when transmitted between sender/recipient communication channels.
The rapidly evolving nature of the risk makes it difficult to assess, and all organisations are currently struggling with how to manage cybersecurity risk. New threat actors and types of attacks regularly emerge. For example, we are seeing the advent of AI-enabled attacks. The emergence for instance in China is a large one which targets critical infrastructure such as telecommunications systems, power supply networks or water treatment plants. A second potential problem facing IT security remains that while information technology has improved over time at organizations’ level, they have not yet mastered new threats – particularly those whose effects can include denial sensitive issues related cyber espionage; mass computer compromise (the recent breaches including Sony Pictures Entertainment); data theft by identity thieves/jails across industry sectors where financial institutions like JPMorgan Chase operate their business activities etc.
Increased use of cyber insurance could signiﬁcantly improve cybersecurity risk management. It helps organisations by transferring the risk to insurance providers. Quite importantly, it could also incentivize organisations to improve their cybersecurity levels, through insurers offering customers a discount in exchange for improving security measures. The IT industry should consider making such an incentive attractive enough that companies want and even need it as one measure that will better secure its networks. Achieving scalability (a more holistic view) has taken longer than expected: from around five years ago to two weeks at present. At least three times this time is required compared with existing tools, including OpenSSL which provides up-to 10% performance improvement across different platforms – yet our current infrastructure does not come close.”
The Sunburst attack uncovered in December 2020 illustrates the magnitude of the cybersecurity challenge. Hackers were able to breach some of the United States’ top government agencies as well as those of other organisations around the world by compromising updates from one of their software suppliers, SolarWinds. Organisations might make use of hundreds if not…