Governance, risk and compliance

Confronted by so many potential threats, from outside hackers to disgruntled employees undermining security from the inside, organisations face a constant battle – not only to maintain data integrity, but also to forestall potential reputational damage.


Factor in the Covid-19 pandemic, leading to more employees working from home, as well as ever more stringent compliance requirements, and it quickly becomes clear that the myriad challenges facing companies are symptomatic of a wider threat landscape. More to the point, it’s one that’s likely to only become more dangerous over the coming years. Tom Kellermann, head of cybersecurity strategy at VMware’s Security Business Unit, says the solutions provider noted a 148% surge in ransomware attacks between February and March 2020 alone, just as much of the Western world was moving into lockdown – and moving away from the security they enjoyed in the office. “Traditional perimeter defences like firewalls are failing, due to increased telework protocols,” Kellermann explains. “Additionally, the modern-day cybercriminal is an expert in exploiting the vulnerabilities of remote systems, as well as the inherent lack of visibility that security teams have into these complex environments.”

Hacked off

If proof were needed of the damage cybercriminals and state actors are capable of wreaking, the recent hacks at solutions provider SolarWinds, as well as tech giant Microsoft, both provide salutary lessons – even if the outcomes aren’t yet fully known. As the SolarWinds hack shows, moreover, organisations can have the most secure systems at their disposal – but this will count for nothing if external hardware or software boast more holes than Swiss cheese.

After all, hackers, believed to be Russian state actors, found a back door into SolarWinds’ scalable infrastructure monitoring and management platform tool Orion – subsequently distributing malicious code via software updates. Even worse, the breach wasn’t detected for months after it happened in early 2020. Given the nature of the Texas-based company’s business – providing computer networking monitoring services to major corporations and government agencies around the world – people in high places and senior positions have been unsurprisingly worried.

And while the scope of how far the criminals actually burrowed down has yet to be determined, SolarWinds has confirmed that up to 18,000 of its customers (or 60% of the total) installed updates leaving them vulnerable to hackers.

Potentially even more serious, meanwhile, is the fallout after hackers exploited holes in Microsoft’s mail server software – potentially affecting 30,000 organisations across the US alone, according to a recent report by KrebsOnSecurity.

Finance Director Europe

[Figure: Total malware infection growth rate (millions).]

[Figure: 2019 cost of a data breach report ($m). Global average total cost of a data breach. Source: Cybintsolutions.]

According to Microsoft, a previously unidentified Chinese hacking crew known as ‘Hafnium’ have been conducting targeted attacks against its email servers. In a number of cases, hacking tools known as ‘web shells’ were placed on victims’ systems before Microsoft announced it had issued patches to cover the holes – the implication being that organisations would still be vulnerable, even if they had downloaded the patches.

While there is still no evidence that the SolarWinds and Microsoft attacks are connected, in short, the damage caused by hackers, harvesting data across numerous organisations and all sectors, still has the potential to be huge.

Stopping the stuffing

How to address these challenges? For Kellermann, it’s fundamentally a question of organisation. “CISOs should report directly to the CEO in an effort to elevate awareness of the security risks and defence recommendations for an organisation,” he says. “Cyber threat hunting techniques must be expanded, and network security platforms need to be integrated with endpoint protection platforms and solutions.”

9 seconds

The average time between online hacker attacks. Cybintsolutions
