Kathy Gibson is at the IDC Security Summit in Johannesburg – Hackers are becoming prolific, they are good, and they are often professionals working inside your organisation.

“They can make good money as hackers,” says Anyck Turgeon, cyber-resiliency and security evangelist at IBM. “For instance, crypto-mining is one activity that is going on at a ton of companies within organisations around the world.”

This might not be flagged as a security issue, but shows up in performance, Turgeon adds, so security professionals have to work with infrastructure and facilities people as well.

Cyber-resilience is the organisation’s ability to continue delivering the intended outcomes despite adverse cyber incidents, she explains, and is part of the security environment.

And the scope of attacks is set to increase too. Turgeon points out that, with the Internet of Things becoming pervasive, attackers can breach all of an organisation’s IT and operational systems.

A recent attack on a Saudi Arabian oil refinery failed to set off a deadly reaction that could have cost lives; this was avoided only because of a simple coding mistake.

“When we did the reverse engineering, it was clear millions of dollars had been spent on the attack by a nation state, and that it would open the door to 18 000 critical infrastructure companies worldwide that are now exposed to big shutdowns or having a device or environment explode.

“And we saw, when we did the reverse engineering, that the hackers had been in the system for years.”

These critical infrastructure attacks are a new field that hackers or nation-state actors are looking to exploit. “This is a critical new type of attack that we are experiencing and that we are going to hear a lot more about in future,” Turgeon says.

“The operational environment is not one that people patch – so there is a vulnerable environment that is now connected to the Internet or to the IT environment, and is making the infrastructure vulnerable.”

Turgeon is the CISO at IBM, so she’s responsible for thousands of devices, servers and people.

“But when one application or device is hacked, it’s not just one because they are all connected to one another,” she explains. “You have to look at IT in a more interpretive manner with your IT infrastructure.”

In fact, this is currently understated, and she believes we will see a lot more about cybersecurity soon.

“Please get used to the term cyber-resilience too, because there are dozens of laws around the world that have to be adhered to.”

The cost of security probably keeps CEOs awake at night, and this continues to increase. And a security breach is not just a technology issue, but continues in the legal world for years.

According to Ponemon Institute research, the cost of a breach in South Africa is well below the global average, which is good news, Turgeon adds.

However, the average cost of a local data breach is now R36,5-million, up from R32-million in the 2017 report, while the average number of breached records increased by 6,31% to 21 090.

“The bad news is that we have all been hacked: you can bet there is a cyberthreat within your organisation.”

The Ponemon Institute study also examines factors which increase or decrease the cost of the breach, finding that costs are heavily impacted by the amount of time spent containing a data breach, as well as investments in technologies that speed response time.

* The average time to identify a data breach in the study was 150 days, and the average time to contain a data breach once identified was 40 days.

* The three root causes of data breaches were identified as malicious or criminal attack (45%), human error (30%) and system glitches (25%).

* On average, malicious or criminal attacks took 163 days to identify and 45 days to contain. Human error breaches took 139 days to identify and 33 days to contain.

* Detection and escalation costs also increased, rising from R9,5-million in 2016, to R11,6-million in 2017 and R12,3-million in the 2018 study.

The number of lost or stolen records also impacts the cost of a breach, which averages R1 792 per lost or stolen record – a 9,35% increase from 2017.