Advice, services and information on building your cyber resilience and minimising your cyber risk
Answer a few simple questions to find out how to enhance your Cyber Security
Keep up to date with the latest information and access support when you need it most
Access resources to stop incidents in advance
Cybersecurity experts have been locked in a battle with hackers for decades. It is a technological arms race.
If your organization discovers that your data has been compromised because one of your vendors has experienced a breach, you will face a unique set of challenges. All the usual issues involved in a response - conducting a forensic investigation, determining notification obligations, notifying in a way that preserves customer relationships - become much more complicated when the breach has occurred at the vendor.
Phishing attacks have long been a cybersecurity challenge for organizations; today, they are responsible for more than 80% of reported security incidents. According to CISCO’s 2021 Cybersecurity Threat Trends report, about 90% of data breaches occur due to phishing. Spear phishing, which is the practice of sending emails that appear to be from a trusted sender in order to induce targets to reveal confidential information, is the most common type of phishing attack, comprising 65% of all phishing attacks.
Beazley’s Head of Cyber Services, Raf Sanchez, recently took part in the Financier Worldwide roundtable, which examined the issue of pandemic-generated disruption over the past two years, and the impact of burgeoning cyber-crime on the global economy. Below is an excerpt, featuring his input to this important discussion. The full roundtable featured experts from Arete, Control Risks, Cooley LLP, Microsoft, Perkins Coie LLP, Tokio Marine HCC and Zai Lab alongside Beazley, and can be accessed via the Financier Worldwide website.
Organisations and websites are suffering cybersecurity incidents on a daily basis, some of them leading to the compromise of customers’ data. Compromised data frequently include lists of usernames and passwords, which allow the bad actors who possess them to access online resources such as websites and mobile applications. These passwords are then traded and sold on the internet, mostly on dark web marketplaces, but also on publicly accessible websites. Some of these password lists can be bought for as little as $5. Moreover, nowadays, passwords can be easily mis-shared or guessed, especially when users still use weak passwords (ex. “password” or “123456”) and with the abundance of personal information available on the Internet.
Our latest Cyber Services Snapshot reveals that cyber incidents, including phishing are on the rise. Now, imagine that the client begins the day as normal but logs on to find a threatening ransomware demand. What should the client do? What advice would you give the client?