The Changing Landscape of Cyber Threats

The Changing Landscape of Cyber Threats

September 10, 2019 Business Insurance and Risk Management, The Beacon Blog 0 Comments

Just as climate change is creating more serious storms, changes in the nature of cyber threats are creating storms of a different kind. The Accenture 2019 Cyber Threatscape Report (https://www.accenture.com/us-en/insights/security/cyber-threatscape-report?c=acn_glb_cyberthreatscaptwitter_11006956&n=smc_0819) shows a “distinct and dangerous shift” in threat actor activity. As summarized on the Cyber Security Intelligence website, five factors are influencing the cyber threat landscape:

  1. Cyber threat actors are taking advantage of high profile global events by seeking to influence mass opinion as they target global businesses.
  2. As law enforcement steps up activity against cyber criminals they are adapting to remain operational.  While conventional attacks will continue to pose a significant threat, criminals will shift their operations by working within syndicates, taking advantage of local environments, precision targeting using legitimate documents to identify potential victims, or selling and buying direct access to networks for ransomware delivery.
  3. Ransomware attacks may have hybrid motives, ideological or political in addition to financial. Self-propagating ransomware such as WannaCry increases the threat level.
  4. Cybersecurity hygiene is improving, pushing criminals to target “low hanging fruit” in supply chains, including hardware and software providers and the cloud.
  5. Vulnerabilities in computer cloud infrastructure have been discovered in the last two years. Criminals can use side channels to read sensitive data. Mitigations are available but at a cost of reduced performance.

The cost of cybersecurity is increasing, but improvements make it harder for threat actors to disrupt or breach networks.




About the Author

Harry Cylinder

Harry Cylinder, CPCU, ARM has spent nearly fifty years in the insurance industry, the majority of the time as a consultant. He has been employed by The Beacon Group of Companies since 2008, specializing in the review and analysis of property and casualty coverage forms. Mr. Cylinder has been reviewing policy forms as they have evolved over the past decades. In 2008 he published an article in the CPCU Journal which was the first description of cyber insurance coverage for a general insurance audience. Since that time he has regularly written on cyber and other topics for The Beacon Companies’ blog.