Prevention. The recipe for tackling the IT risk landscape

Of all the areas of information technology, security is one that has the most statistics and alerts, both for your day-to-day and for your long-term actions. The data for this comes from various sources – logs generated by protection devices, media publications, reports from monitoring services and studies by specialized consultants are some examples of sources of this data and information. They allow companies to assess, with reasonable precision, the degree of risk of the scenario in which they are operating at any given moment. In general, this degree of risk can be thought of more or less as predicting the weather, and may cause concern for those less prepared for storms. The well-prepared have always known that storms can occur.

When it comes to cybersecurity, though, it's hard to say that you're 100% prepared for anything, because of the number of variables to be controlled and the amount of risk. Sector professionals know that there is no such thing as 100% security, that they are defending their companies even from cybercrime attacks, and that at some point, even in the distant future, they could suffer an incident, as indicated by statistics around the world.

You may not know or remember, but even some of the biggest names in security have also fallen victim to cyberattacks.

Because of this, there are currently few indicators that point to a reduction in cyber incidents attributed to cybercriminals: one of the few, published at the end of May by the company Fortinet, is for OT (operational technology or control technology of industrial systems) and not for IT, reporting that, in 2022, the number of organizations that did not experience a breach in their digital assets rose from 6% to 25%.
Other companies studying the subject in IT unfortunately do not show signs that the scenario is improving: in the last ten years, the volume of attacks involving data theft, equipment hijacking, blackmail and all other modalities has transformed cybercrime into the third economy in the world. planet, according to studies by the World Economic Forum: his illegal activities will earn the bandits US$ 8 trillion in 2023. A value greater than the gross domestic product (GDP) of Japan or Germany, second only to the economies of the United
States (the largest, with a GDP of US$ 23.3 trillion) and China (GDP of US$ 17.7 trillion).

While the numbers may seem overstated, it's a staggering sum. Even more surprising is the fact that all these values ​​are being stolen from individuals and companies around the world, day and night. Cybercriminals carry out email distribution campaigns with malicious material (phishing campaigns), carry out denial of service attacks to extort money from companies on the Internet, invade networks and applications to steal corporate data and then encrypt the contents of storage (ransomware), in addition to planting “ skimmers ” that copy data from payment cards in e-commerce operations.

These are some of the tactics, but there are many others that lead to the trillionaire result estimated by the World Economic Forum.

Of all the risks, the highest right now is that of ransomware: it is a combination of the anonymity provided by hiding IP addresses, the implantation into systems of malware that steals and then encrypts data, and finally the anonymity provided by proliferation of cryptocurrencies in all countries.
Add to that operators who form cybercrime groups and reside in Eastern European or Eastern countries, and you have a recipe for a perfect storm. It was for no other reason that large companies such as the Colonial Pipeline oil pipeline and the US insurance company CNA were forced to pay millionaire ransoms to recover their data after being attacked with ransomware in 2021 – the first paid a ransom of US$ 40 million and the second, of US$ 5 million.

Unfortunately, not even millionaire payments like this can guarantee that the data will be recovered and that the systems will return to their previous state: a survey published in May by the company Veeam indicates that almost 40% of the companies that paid a ransom to obtain access keys to their data failed to recover them in whole or in part.

Despite all this, and although nothing is indicating that the cybersecurity scenario will turn rosy in the short term, its risks must be faced in the same way that others are faced on a day-to-day basis, combining planning and actions : important trends such as digital transformation and the predominance of cloud operations are inexorable, as is our dependence on digital systems that favor our way of living, working and producing.

To survive in this scenario and face possible storms, companies must not neglect any aspect of the operation – neither processes, nor people nor technology – and accept three realities: the first is that cybersecurity is not just the security of systems, she also reads business security;
second, that it is a complex specialty of technology; and third, that one company alone cannot handle all the cyber risks in its path: it needs partners who can help it before the storms.

Because looking for partnerships after the storm has started may be too late.