Cybercrime can seriously compromise a company’s image and continuity. How can companies best arm themselves against these invisible enemies? We discuss that and more in a brand new episode of Ctalk.

That Cybersecurity is more important than ever is once again underlined by some disturbing figures. For instance, only 9% of Dutch companies are properly prepared for a cyber attack. In addition, the number of attacks involving ransomware (hostage software) has risen by almost 100% in the past year. After a cyber attack, affected companies and organisations are left with unprecedented damage costs. Take cinema chain Pathé, which was scammed for as much as 19 million euros in 2018.

E-mail as the main entry point

At Pathé, cybercriminals amassed that sky-high amount by accessing the organisation’s e-mail traffic. And that is a popular form of fraud among cybercriminals, knows Ronald Kingma, co-founder of the Cyber Defence Centre Acces42. “For cybercriminals, e-mail is the entry point to the user, who is often the weakest link. The Pathé example falls under ceo fraud. The cybercriminals pretend to be directors of the head office, for example, and then send emails with payment requests to someone responsible for finance. That person then accepts the payment request with all the nasty consequences.”

The above example is indicative of the fact that humans are incredibly vulnerable during a cyber attack. According to Erwin van Beinum, Director Cybersecurity at Ctac, companies and organisations should focus on that very area. “Ensuring that the e-mail does not reach the user at all is one thing. But creating awareness within your organisation is also very important. At Ctac, we therefore train internal and external people in recognising suspicious e-mails.” Yet only awareness is not the solution for all cyber problems, states Jelle Niemantsverdriet, National Security Officer at Microsoft. “As security professionals, we cannot expect colleagues to have all the knowledge needed to recognise suspicious e-mail addresses, for example. Instead, we need to ensure that security on a technical level is solid as a rock.”

Cybersecurity in cloud migration

Cybersecurity plays a role in many different areas. So does cloud migration. Often, companies do not know how secure having your data managed externally actually is. Kingma recognises that. “Many organisations think that working in the cloud is automatically completely secure. And that is a big misconception. With a cloud provider, the level of security depends on what you, as an organisation, choose. With Infrastructure as a Service, you may assume that the cloud provider is responsible for the security of the infrastructure. To the contrary: the organisation itself is responsible for keeping the systems and applications in the cloud secure.”

Compare working in the cloud to keeping systems in-house, and the choice for Niemantsverdriet is quickly made. “I would absolutely go for the cloud. Provided you have your affairs and knowledge in order as an organisation, it is the safest option. At Microsoft, we offer our cloud services on a large scale. This allows us to provide global insight into the current incidents. We can then transfer that knowledge to our platforms in a short period of time. So if there is a cyber attack in Ukraine, we can detect it in a few minutes and process it in our cloud. That means our member companies and organisations can be protected very quickly.”

Unprecedented damage from ransomware

It was mentioned at the beginning: the number of cyber attacks involving ransomware has skyrocketed in the past year. And this is worrying, because the damage for the affected parties is almost incalculable. During a ransomware attack, cybercriminals hack into a company’s system, “lock” important, valuable files and then demand a large ransom to release the computer. This often involves millions of euros. Many companies choose to put this amount on the table because they see no other way out and want to minimise financial and reputational damage. And Van Beinum can understand that. “If bankruptcy is imminent or lives are at stake, companies will quickly proceed to pay due to ever-increasing pressure,” he says. “In my view, companies should design their security in such a way that it is clear whether, and for which cases, paying a ransom is worthwhile.”

Of taking out special insurance that covers the damage caused by a ransomware attack, the table guests are less convinced. Kingma: “The cybercriminal often also knows you are insured and can use that against you. Chances are then there will be payment regardless.” But what does help in the fight against ransomware? “In any case, not publicly shaming affected companies,” Niemantsverdriet says firmly. “I notice that we tend to do victim blaming from time to time, which only adds to the cyber embarrassment of affected companies and organisations.” And that ultimately benefits no one, Kingma believes. “It is best for companies to be open about the course of a ransomware attack. Record it, for example, so that other organisations can learn from it.”

Do you also want to pre-emptively arm your business?

Cybercrime can seriously compromise your corporate image and business continuity. Learn how your company can best arm itself against these invisible enemies.

Contact our cybersecurity expert Erwin