The Colonial Pipeline ransomware attack is one of the most recent in an accelerating number of cyber-attacks on critical business services over the past decade. With the number of connected devices predicted to reach 46 billion in 2021, business critical systems and infrastructure is the fastest-growing attack surface in global cyber-security and ransomware. The resiliency of our critical systems is gravely threatened by a combination of lack of IT recruitment and training, insufficient IT infrastructure spending in heavily-regulated budgets, ease of ransomware transactions through cryptocurrencies, and access to cheap military-grade attack tools in the dark web.
Avanta Ventures recently co-hosted a virtual webinar with The Hive Think Tank, where we brought together an expert panel, moderated by our very own Steve Bernardez, to analyze this emerging crisis and explored a combination of technology, human behavior, regulations, and industrial process-based approaches to counter it.
Thank you to our panelists for sharing their insights:
- Duncan Greatwood – CEO, Xage Security
- Jack Kudale – Founder & CEO, Cowbell Cyber
- Ben Sooter – Principal Project Manager: Cyber Security, Electric Power Research Institute (EPRI)
For those unable to watch the webinar discussion, here are three things we learned about ransomware attacks and how cybersecurity and insurance can help combat these issues.
How to calculate cyber risk
With ransomware attacks on the rise, it’s become critical for companies to protect their electrical infrastructure from hackers. We asked the panel if they could provide a sense of the magnitude of ransomware challenges and how they quantify this cyber risk for their executive board. Ben Sooter shared his thoughts, “The [cyber] risk is enormous. The industry feels the weight of that risk right now, especially in light of the Colonial Pipeline attack, and making sure that they are able to respond to future crises.”
As the cyber risk is quantifiably high, no one in the industry wants to be involved in the next ransomware event, so they are approaching it in a way that is preventative. Ben offered solutions to approach the board with these measures by advising to consider a variety of perspectives at the executive level. In these instances, there are businesses who don’t worry about paying the ransom because they have insurance. On the other hand, there are others who are concerned with the ethics and don’t want to contribute to issues surrounding cyberattacks by paying the ransom. Taking every perspective into consideration will help companies plan and prepare for future attacks.
The [cyber] risk is enormous. The industry feels the weight of that risk right now, especially in light of the Colonial Pipeline attack, and making sure that they are able to respond to future crises.Ben Sooter, Principal Project Manager: Cyber Security, Electric Power Research Institute (EPRI)
Policies for paying ransoms
Did you know that 80% of companies that paid a ransom were hit again? It’s important to protect your business from becoming a repeat target to ransomware attacks. We asked the panel if their companies had policies in place regarding what steps they take when faced with paying a ransom. Duncan Greatwood explained how his company, Xage Security’s goals are to stop the attacks from happening and allow innovation and change to continue without creating new attack vectors and exposure. Duncan elaborated on how his company aims to create a defense system where if someone were to breach security, there would be a strict limit on what they would be able to access. “We’re bringing a mesh fabric to bear on these issues. We essentially aim to authenticate and to control, through authorization, every interaction that happens in the digital infrastructure,” Duncan said. This system allows them to be in a better position to respond if a ransomware attack were ever to occur.
We essentially aim to authenticate and to control, through authorization, every interaction that happens in the digital infrastructure.Duncan Greatwood, CEO, Xage Security
Cyberinsurance role in battling cyberattacks
After hearing the different approaches to address the ransomware challenges from a technical perspective, we asked the panel what role cyberinsurance played in combatting these cyberattacks. Jack Kudale made a point that there is no business that is immune to cyberattacks; the risk is there for everyone. That said, while businesses should strive to be preventative, Jack suggested that “there is a ‘next phase’ on the other side of the [cyberattack] event, which is the response and recovery.”
In other words, companies shouldn’t view cyber insurance as a replacement for cyber security, rather they should see it as an extension of their cyber security strategy and as another tool to transfer the risk.
There is a ‘next phase’ on the other side of the [cyberattack] event, which is the response and recovery.Jack Kudale, Founder & CEO, Cowbell Cyber
Thank you again to The Hive and our panelists for an eye-opening discussion. Click here to watch the full webinar.