Markella, Markel, Gary discussed on Cyber Security Today
Should y'all be using external cybersecurity adviser? As Gary as the end user, if there's an attack, will be the one who must have some sort of plan B in place. And then there was Mark hill. He is an expert in the topic of cyber and privacy liability and he basically holds the key to the castle in a sense. He is the one who decides if a firm qualifies for coverage or not. Whether or not coverage is approved depends on many factors such as the level of preparedness prior to attack occurring, as Gary has said, and the banks she works for would likely qualify based on the fact a cybersecurity framework has been put in place. The policy itself should focuses on 5 key elements. Identify, protect, detect, respond, and recover me. And Howard, you know, I keep peace of it, revolves around business impact analysis. It's just imperative all organizations know which functions are critical in order for the business to survive. And then there's 5 pronged approach you talked about would not only allow an IT department to know what data has been captured, shouldn't attack occur, but also allows them to implement an action plan that's been adopted well before the attackers swoop in on them. For instance, Marco stressed that having that type of contingency planning now in place that alternate, it's not just a nice to have. It's actually a need to have if any organization helps to qualify. And in much of what has to do with the sheer number of claims relating to ramps and where another cybersecurity attacks. Markel said, apparently, cyber insurance sector in Canada is the least profitable sector. We have surpassed hail insurance, which is a pretty big feat and not one we should be proud of. Now markella added the adversaries are advancing way faster than anyone could keep up with. They're a well run organizations and they're just that organizations with full blown HR departments and recruiting departments. To jaw recall, phone conversation with a ransomware attacker that he had. It was similar to a setup at a call center. You call a toll free number, the attacker replies, oh, you were from ABC company. Jake is handling your attack. I will put you through. At the end of it, they actually sent us a two page security report outlying how they got in. Incredible. Yeah. In terms of what to do once attacked, Marco recommends calling a lawyer. One who's trained in what best to do if a client becomes a victim. They won't provide any information on coverage, but they will help quarterback the situation. And propose steps that can be taken, being reaching out to forensic companies that are basically a standby to deal with these things and help support the IT security teams to figure out what where and how. And then once you have the intelligence about what's going on and how it's happened, then you can make informed decisions on how to handle it. So really, what it comes down to is preparation. And to that end, there are key practical steps that everybody every company can take to prevent attacks, and mitigate the damage when attackers do break through. I've always thought that you defend against ransomware by doing the same things that you do for any cyber threat. And that includes educate your users about the risks of clicking on links and obeying attachments. Making sure your software is quickly patched in order of a sensitivity and making sure that your data is encrypted so that if it's stolen, it's useless. And don't forget about protecting corporate attachments that are sitting in employees email boxes. They contain sensitive information as well. Yeah, I'm continually amazed at the sophistication, the innovation of ransomware gangs. But I was really heartened by listening to this panel, this new realism that we seem to have. We know prevention is critical. Howard, do you recover that? We need to accept that these ransomware gangs, though, are going to get through regardless of how prepared we are. That doesn't mean we dismiss preparation, looking at how you're going to respond, is also important though. And Markel said it best what he said contingency planning is not a nice to have. It's a need to have. So the things you talked about, knowing your data back up, multi factor authentication user awareness are important. But limiting the damage, network segmentation, restricting privileged access and having a response plan, one that's tested with something this panel really focused on. And I thought it was a great way of really being mature about the way cybersecurity is going these days. Agreed. Paul, what about another session that you covered? Absolutely. Another session was about a topic that probably keeps IT executives up at night. What to do about email havoc. Which has been described by some security experts as one of our greatest areas of vulnerability. I mean, you know, the numbers certainly back up that claim. Over the course of 2022, according to statista, an estimated 333 billion emails would be sent and received globally this year. 347 billion next year and 376.4 billion in 2025. Stunning numbers in a key reason, guest panelists, Elk and Gorgon, CSO of cloud fair, focus on the potential havoc, all of that email activity has no doubt will cause an organization to force itself on how to best prevent an attack. A key recommendation you put forward this, no matter what email system is in use, organizations have to implement a zero trust strategy. And despite the fact that users of Google workspace or Office 365 contain native security controls. I mean, he said, you know, they're pretty good. They're getting much better blocking those highly volumetric attacks, and we can in fact maybe stop about 95% of them, just with the native controls within these tools. The trouble is, the attackers are always evolving. They are always changing their methods and it becomes a real problem. Asked how email programs should be set up to eliminate the threats, gorgons said the answer lies in implementing new solutions. An example of the former revolves around emails that impersonate a CAO, wiring a CFO for money. Which is more problematic as a result of remote working where people at home are more likely to click on a tempered email when they should not. Gartner, he said recently recent market guide for email security and in that they recommend that anything new must contain AI or machine learning components. And what these new tools do is look at the way that people communicate it and organization through natural language processing. Gorgon said he's a big fan of the recommendation from Gartner. And I quote what he said. Effective email security requires not only the selection of the correct products with the required capabilities and configurations.