External threats get the headlines, but roughly half of cyber risk originates inside the organization. Forrester found that 46% of breaches in 2022 involved insiders such as employees and third-party partners.
Mistakes, such as misconfigured Amazon Web Services storage buckets or servers, unpatched software, and similar oversights, are a real source of cyber risk for an organization.
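The misconfigured-bucket case is worth making concrete, because the mistake is usually visible in the bucket's own policy or ACL before anyone exploits it. The following is an added example written for this article, not code from the original page: it inspects S3 bucket policy and ACL documents offline (constructed sample documents are embedded below; the bucket name and account ID are made up) and flags the two classic public-exposure patterns, an Allow statement whose Principal is "*" and an ACL grant to the AllUsers or AuthenticatedUsers group. It makes no AWS API calls; feeding it real documents pulled with the CLI is left to the reader.

```python
"""Flag S3 bucket policies and ACL grants that expose a bucket to the world.

Added example for this article, not code from the original page. It inspects
policy and ACL documents offline (constructed JSON below) and calls no AWS API.
The document shapes follow the documented S3 policy/ACL formats; bucket names,
the account ID and the canonical user ID are made up.
"""
import json

# Group URIs that mean "anyone on the internet" / "anyone with an AWS account".
PUBLIC_ACL_GRANTEES = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}


def _as_list(value):
    # Policy elements such as Principal.AWS and Action may be a string or a list.
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _principal_is_anyone(principal):
    # "Principal": "*" and "Principal": {"AWS": "*"} both mean anonymous access.
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any(p == "*" for p in _as_list(principal.get("AWS")))
    return False


def public_policy_findings(policy_doc):
    """Return one finding per Allow statement that grants anonymous access.

    A Condition block is reported rather than treated as a pass: conditions such
    as aws:SourceIp or aws:SourceVpce often scope a public-looking statement
    down, but a reviewer still has to read them.
    """
    policy = json.loads(policy_doc) if isinstance(policy_doc, str) else policy_doc
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        if not _principal_is_anyone(stmt.get("Principal")):
            continue
        actions = _as_list(stmt.get("Action"))
        # Anonymous write or delete is the worst case; anonymous read is still a leak.
        writes = any(a == "s3:*" or a.startswith(("s3:Put", "s3:Delete")) for a in actions)
        findings.append({
            "statement": stmt.get("Sid", f"#{idx}"),
            "actions": actions,
            "conditional": "Condition" in stmt,
            "severity": "high" if writes else "medium",
        })
    return findings


def public_acl_grants(acl):
    """Return (grantee URI, permission) for grants to the public AWS groups."""
    return [
        (g["Grantee"]["URI"], g["Permission"])
        for g in acl.get("Grants", [])
        if g.get("Grantee", {}).get("Type") == "Group"
        and g["Grantee"].get("URI") in PUBLIC_ACL_GRANTEES
    ]


# Constructed sample documents (not real buckets or accounts).
POLICY_WEAK = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowEveryone",
        "Effect": "Allow",
        "Principal": "*",
        "Action": ["s3:GetObject", "s3:PutObject"],
        "Resource": "arn:aws:s3:::example-backups/*",
    }],
})

# Same permissions, but granted only to one IAM role in the account.
POLICY_FIXED = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowAppRoleOnly",
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::123456789012:role/backup-writer"},
        "Action": ["s3:GetObject", "s3:PutObject"],
        "Resource": "arn:aws:s3:::example-backups/*",
    }],
})

ACL_WEAK = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "abc123"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"},
]}

if __name__ == "__main__":
    for name, doc in (("weak", POLICY_WEAK), ("fixed", POLICY_FIXED)):
        print(name, public_policy_findings(doc))
    print("acl", public_acl_grants(ACL_WEAK))
```

The weak policy produces one high-severity finding (anonymous PutObject), the fixed policy none, and the ACL check surfaces the AllUsers READ grant. In practice this belongs in the control review of step 4 below, run against every bucket on a schedule, since the S3 Block Public Access setting, not the policy alone, decides whether such a grant is actually reachable.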
Think about internal cyber risk
When you think of internal cyber risk, you may think first of malicious insiders. There are certainly incidents caused by employees who turn against their employer; nearly half of the internal breaches recorded by Forrester in 2019 were the result of abuse or malicious intent. However, malicious intent among insiders is declining, sliding from 57% of internal breaches in 2018 to 48% in 2019. That is both the good news and the bad news: while deliberate misuse is on the downswing, employee and third-party mistakes are on the rise.
Cybersecurity risk management is the process of identifying potential risks, assessing the impact of those risks, and planning how to respond if the risks become reality.
It is important for every organization, no matter its size or industry, to develop a cybersecurity risk management plan. It is equally important to accept that not every risk, even one identified in advance, can be eliminated. Even in those cases, there are steps your organization can take to reduce the potential impact.
1. Take stock of your most valuable digital assets
The first thing you’ll want to do is identify the various assets that could be compromised by cybercriminals. These assets might be physical (like computers) or intangible (like data or networks). You’ll want to understand which of these assets criminals might want to target, which are most at risk of being targeted, and which might not be secure.
2. Identify the cyber risks, past and present
Once you’ve identified the assets you need to protect, you’ll need to identify the risks that could affect those assets. Every potential threat, including new and emerging risks, should be identified.
3. Plan for an attack
When an attack happens, how will your company respond? Part of mitigating risk is having a well-thought-out plan in advance — if you have to respond to an attack on the fly, you may not make the best decisions. The cost of a data breach can be staggering, but the Ponemon Institute finds that one of the best ways to mitigate the cost of an attack is to plan for one.
4. Review your controls
You may already have controls in place to prevent the risks you’ve identified or to respond to attacks if they occur. Review the controls you have in place to make sure they adequately cover your current risks. Continuous risk monitoring is important because the risk landscape is constantly changing.
5. Build a culture of cybersecurity in your organization
Security is everyone’s job. Training and good cyber hygiene practices go a long way towards keeping an organization safe from some of the attacks that can do the most harm, like phishing or other social engineering-related breaches.
By building robust cybersecurity strategies that incorporate threat intelligence, companies can develop the capabilities they need to detect or prevent most attacks, and to stay resilient in the face of the unexpected. With that in mind, every year our global threat intelligence team tracks and reports on the strategic and technical aspects of the most pressing cyber threats, spanning geographies and sectors.
The reality is that the cyber threats facing private businesses are no different from any other type of organisation.
Cyber criminals are essentially opportunistic and will attack wherever they see vulnerabilities. However, private businesses have some distinctive characteristics that create specific cyber security risks, and these need to be addressed.