Episode 2: Getting Prepared

In this episode, we're going to be sharing our insights on how best to prepare for, and mitigate against, a major cybersecurity event.

It is important to consider the security of your entire perimeter and attack surface area, including your supply chain. We've seen a number of high-profile cyberattacks on third party suppliers. Attackers seek to gain access to an organisation's environment by exploiting vulnerabilities in third-party IT supplier systems. Gartner predicts that by 2025 there'll be a 300% increase in these sorts of supply chain attacks.

Cyberattackers and the tools they use are becoming increasingly sophisticated, and so organisations need to respond in kind. Threat intelligence tools can learn, adapt and predict new and potential threats and this will be much more effective than a virus scanner looking for yesterday's malware.

People are a vulnerability in all organisations, and more often than not place some form of role in successful cyberattacks. To mitigate against this, take practical steps: educate your people on cybersecurity, ensure credential hygiene, implement multi-factor authentication and use AI tools to flag any unusual behaviours.

Continuous monitoring and effective event alerting are critical to ensure that you identify any issues quickly and contain them. Regulators around the world have viewed relaxed security monitoring practices which exacerbate damage in the event of a cyberattack, as aggravating factors when making decisions about fines and penalties resulting in much heavier sanctions.

It is critical to have business continuity plans and disaster recovery procedures that are tested and updated regularly. Incident response processes and playbooks that are frequently tested through incident response stimulations are also best practice.

Insurance products are improving and becoming more sophisticated. Organisations should they've identified their full attack surface area and any key risks they're concerned about.

Some insurers may require a full security audit on your organisation and this may involve some costs in remediating the vulnerabilities identified. When considering an insurance product, carefully review your cover and exclusions.

Next week, we'll be talking about response and recovery when the worst case scenario occurs. We look forward to you joining us.

To see the video of this episode, click here.