What Is The Risk Of A Cyber Attack?

  • June 12, 2024
  • 3 min read

The Hacker News: A Source for Cyber Risk Information
What a name for a media website—The Hacker News. But they do give you some good information about cyber risk. What is your risk as a company or even a family office for having a cyber attack, a ransomware attack?

Calculating Your Cyber Risk
It’s math. It’s the probability of occurrence times the damage. What’s the chance you’re going to get hacked and how much you’re going to lose if you get hacked? Multiply that up, and you have your risk, and they tell you why it matters. The purpose of this is to evaluate the risk associated with vulnerability.

The Importance of Active Monitoring
So if you’re a company, you want to make sure that you don’t just have an IT person that’s putting firewalls and patches and that kind of thing. You want to have active monitoring of your network. Whether you do it in-house, whether you do it through your cyber insurance policy, or have an outside company do it, you want to have active monitoring.

The Evolving Threat Landscape
Here’s why: these hackers are using new techniques every single week. They come up with new techniques, so whatever preventions have been used a month ago are not going to work today. And unless you have somebody that’s constantly, every day, getting intel on the new techniques, you’re going to be at risk. So make sure that you have active monitoring, putting in place detection of all the most recent hacking techniques, and that you don’t allow your network to be infiltrated.

The Hidden Presence of Hackers
Because here’s what they do: they get into your network, but you don’t know it right away. They sit there and watch your emails for weeks, sometimes months, and they find out the names of the people, the names of your clients, contract dates, account numbers. And then, once they have built up a profile on your company, they start doing things like wire transfers, telling your customers to wire them money instead of you, transferring contracts to other places because they’ve accumulated all this knowledge. They have everything they need. It’s kind of like having the safe open right to your business.

The Need for a Response Plan
So make sure you catch that early, and you can do it very easily with active monitoring. Also, have a response plan in place. So if you had a ransomware hack tomorrow, what would you do? Who would you call? Who would take care of different things? Again, if you have a cyber insurance policy, they’ll have a response team for you. But if you don’t have that, make sure you have a list of people that are going to handle all the details, including cash flow, payroll, and HR.

Leave a Reply

Your email address will not be published. Required fields are marked *