The Hiscox Cyber Readiness Report 2017, published Tuesday, surveyed 3,000 companies across three countries to assess their readiness to deal with cybercrime in terms of strategy, resourcing, technology and process.
The report found 53% of the companies assessed were ill-prepared to deal with an attack, and just 30% were rated “expert” in their overall cyber readiness, CNBC reported.
In 2016 “cybercrime cost the global economy over $450 billion, over two billion personal records were stolen and in the US alone over 100 million Americans had their medical records stolen,” Steve Langan, chief executive at Hiscox Insurance, told CNBC.
“This is an epidemic of cybercrime, and yet 53% of businesses in the US, UK and Germany were just ill-prepared.”
US firms are most prepared in case of an attack, with 49% of expert-ranked companies coming from the states. Of note, larger US firms were the most targeted with 72% being attacked in the past 12 months.
Meanwhile, German companies made up 39% of bottom-ranked companies. Langan outlined four ways firms can improve their cyber security, including having the right strategy in place and increasing their technological defenses.
“Thirdly, more importantly and where people actually forget to do this, is to build the human firewall in your business, so train your staff to recognize those suspect emails which are getting increasingly sophisticated and very difficult to distinguish,” he said.
“Fourthly, we think they should offshore their risk to insurance companies to make sure they can manage that for them.”
Companies are increasingly factoring cyber-attacks into their business and IT risk assessments, according to Darren Anstee, chief security technologist at Arbor Networks, which should lead companies towards making better security investments.
Be on Guard
Attacks on the internet are getting more sophisticated. Every week it seems another large enterprise finds a hacked database or intrusion of some sort, often attributed to state actors, Techrepublic reported.
There are more places than ever where you might be vulnerable. So here are five cybercrime vectors to be aware of:
1. The browser. Yes it’s tempting to save money by NOT updating that internal system that only works in an old browser. The longer you do that the more exposed you make yourself. Make it a sound policy to have everyone on the most current patched version of a browser you can get. Same goes for all your software, really.
2. Your own users. Ransomware is a rising tide of easy money for attackers. And it often makes its way into a system through email.
3. Industrial Control Systems. Legacy supervisory control and data acquisition, or SCADA, networks sometimes have default or even no passwords. They often control essential physical plant systems.
4. Cars. Attacks on vehicle systems are moving from the realm of research into the world. Lock down your ODB II ports, engine control units, remote key systems, V2X receivers, USB ports and more. And keep that car software up to date.
5. Internet of Things. Researchers Brian Krebs and Bruce Schneier have recently sounded the alarm on the almost nonexistent security of sensors, security cameras, light bulbs and even DVRs. Like Industrial Control Systems, you may not be aware how open these entryways are into your network.
Now that you know some of the pathways you can be on guard.
Add new comment
Read our comment policy before posting your viewpoints