By Nick Hawkins, Managing Director of Everbridge EMEA
Cyber-attacks are a constant threat to organisations. Nick Hawkins, Managing Director of Everbridge EMEA, discusses how cloud-based communications platforms can help an organisation improve emergency communications and recover from the effects of a cyber-attack.
In today’s globalised business environment, organisations of all sizes face the prospect of falling victim to a cyber-attack or IT outage that could cause serious damage to its infrastructure and ability to operate.Despite the improvement of cyber-security techniques, criminals have developed sophisticated ways to disrupt systems and steal data. The need to prepare for cyber-attacks is more important than ever.
True cost of cyber-attacks
According to Cisco’s 2017 Annual Cybersecurity Report[i] more than one third of the organisations that experienced a cyber breach in 2016 reported a loss of customers, business opportunities and revenue. The 2017 SonicWall Annual Threat Report[ii] reported an increase from 3.8 million ransomware attacks in 2015 to 638 million in 2016.
Cyber-attacks cost UK businesses a total of £34.1 billion[iii] between Summer 2015 and 2016, with each attack costing an average of £4.1 million and taking 31 days to resolve. Whilst large corporations—that invest millions of pounds in cyber-security—have the potential to recover easily from such a crisis, for most Small/Medium Enterprises (SME’s) and Non-Governmental Organisations (NGO’s) cyber breaches can have more far-reaching and detrimental consequences.
No business is safe
On Friday 12th May, the NHS experienced a national cyber-attack. Hackers attacked the backbone of the NHS, tapping into computers, telephone lines, MRI scanners, blood-storage refrigerators and theatre equipment. Surgeons resorted to using their mobile phones to communicate with one another and critical information such as x-ray imaging was transported around the hospital on CD’s.
In the NHS’s case, the malware tapped into Windows XP. Some reports state 90% of NHS trusts run at least one Windows XP machine. The NHS is becoming increasingly reliant on machines which are connected to the internet.
Firewall renewal dates for PC’s will be logged, however, it is easier to forget when a portfolio of internet enabled devices need to be updated for security. With the internet of things (IoT) expected to consist of millions of new connected devices in the future – this issue will become more critical.
Investing large sums of money into cyber-security is not a pre-requisite for success, as shown by a number of recent high profile cyber-attacks against large corporations all over the world—including the BBC, Sony’s PlayStation Network, HSBC and eBay.
Sony lost control of its entire network. Hacker group Guardians of Peace stole personal information from tens of thousands of current and former workers and published them on the web. This included social security numbers, salaries of top executives and five Sony-produced movies.
It is not just large organisations that are targeted; government departments and agencies, rail networks and local businesses regularly find themselves in the same position. When attacks occur, crucial services are compromised and the reputational impact can quickly reduce consumer confidence and brand value. Large scale attacks also have the ability to impact share price value. Planning what to do when a cyber-attack occurs is important, but how victims communicate in an attack is equally critical.
Importance of effective communication in a crisis
In the event of an emergency,effective communication is crucial. When IT systems go down an organisation needs to be able to communicate with its employees and co-ordinate an effective response. The longer this process takes, the bigger impact the crisis will have.
A successful cyber-attack can affect multiple communication methods:
- If your phone and voice mail system is VOIP-based, you may lose your company phone system.
- If your employee hotline runs through your voice system, this could also be lost.
- If your company website is hosted in-house, it may go down, meaning customers, employees, the general public, and the media cannot find you.
- If company telephone bridges are running through your phone network, they may not be available.
- If the core network is compromised, every computer becomes a standalone machine with no access to company record. Human resource information, employee contact information, vendor lists, or other key phone lists may be inaccessible.
With multiple resources affected, how will you communicate? A critical communication platform can be used for the following:
- Employee information: pushing information to employees about the company status and messaging.
- Conference bridges: using toll-free conference bridges for employee, vendor, senior management, Board of Directors, and other key stakeholder phone calls.
- Stakeholder groups: using pre-defined groups that had been created for key stakeholders to push information via phone, text or email.
As no business or organisation is totally immune from the dangers of a cyber-attack, it is vital that crisis management plans are in place to minimise impact and ensure a return to business-as-usual practice as quickly as possible.
An effective crisis management plan consists of two key components: quick, reliable and secure communication with all employees to notify them of the situation and the efficient deployment of resources to resolve the issue.
It is important that businesses consider the following questions to prepare for a cyber-attack:
- What threats could impact your organisation?
Companies have to understand the type of threat the organisation could experience and the impact it could have. For example, it could result in loss of services or data. The solution will differ depending on the threat.
- Do you have a response plan?
Cyber-attacks often happen out of office hours. An IT incident response plan must be in place to combat an attack even if it happens at 5am. An efficient response plan will include methods of communication for specific stakeholders. Alerts will also differ depending on if the attack has just occurred and if malicious code has laid dormant on the network. IT engineers require different instructions to regular employees.
- Who needs to be included in an IT incident response plan?
- IT Security:is likely to fix the issue. If an organisation does not have a dedicated security team, employees must be assigned to deal with a security crisis when it occurs.
- Incident Team: who is going to co-ordinate the response? Who should be contacted following a breach and how are you going to reach them? Define an escalation point.
- Legal-counsel: if, for example, customer credit card details are stolen, legal support may be necessary.
- Who are your stakeholders?
There area number of stakeholders that should be considered. For example, if customer data is stolen, the following stakeholders would need to be consulted:
- C-level executives – businesses must consider when and how to consult their C-suite. For example, it may be necessary for the CEO to release a statement.
- Media relations department – to ensure strategic messaging is in place when informing customers about the incident and handling inquiries from the press.
- Customer services – need to be informed to prepare for incoming customer enquiries.
- Employees –employees must be kept up to date throughout the process to ensure they are prepared for calls from customers and the press. Employees must be aware of when and how to escalate queries.
- Customers – organisations are legally obliged to inform customers of a data breach. The ability to communicate with customers en masse in real time is important.
How to prepare communications in your response plan
- Assess:What is happening? What is the impact?Determine the likelihood, severity, and impact of the incident
- Locate: Who is in harm’s way? Who can help? Identify resolvers, impacted personnel, and key stakeholders
- Act:Which team members need to act? What do they need to do?
- Analyse: What have we done before? What worked? How can we improve communications?
- Communicate and collaborate: What should employees do? Notify employees on what action to take and keep stakeholders informed
Power of cloud-based communications platforms
As cloud-based critical communications platforms are not reliant on one network, organisations that used the platform to send out an emergency notification are assured that the message will get to the right people. Most organisations rely on internal email to communicate in the event of a crisis, despite the fact that a cyber-attack might impact the entire email network. In doing so, organisations are exacerbating the issue and potentially providing hackers with critical company information.
By having a system that operates entirely independent of an internal communications network, organisations can ensure that the bilateral lines of communication between management and staff remain open—even in the event of a cyber-attack or IT outage that may compromise an internal network, or a rush of calls which may overload a telecommunications network.
By using cloud technology to automate the time-intensive emergency cascade process, resources can be deployed far more effectively and efficiently than before, ensuring that the safety of everyone involved is better protected. In doing so, communications technologies can not only help protect business assets but save the lives of employees. In an emergency organisations cannot waste time searching spread sheets and schedules to manually notify employees.
Multi-modal, two-way communication
Critical communications platforms are already deployed by many businesses, local authorities and national governments around the world to warn and advise people in the event of a crisis. These incidents can range from sourcing a relevantly-skilled IT technician to repair a broken server, to engaging with the public during a terror threat. Central to the success of critical communications platforms are two key functions. The first is the capability to deliver messages using a variety of different methods – this is known as multi-modal communications. No communications channel can ever be 100% reliable 100% of the time, so multi-modality transforms the speed at which people receive the message. Multi-modality facilitates communication via multiple communication devices and contact paths including email, SMS, VoIP calls, social media alerts and mobile app notifications, amongst many others.
Multi-modality ensures that it is easier to receive a message. Two-way communication makes it simpler to confirm a response. In a critical emergency every second counts, so organisations can use communications platforms to create and deliver bespoke templates that require a simple push of a button to respond to. In doing so, the level of response to critical notifications can increase significantly.
For instance, if a cyber-attack compromises an e-retailers website, every second costs the business money. An IT engineer must be located and available to help as fast as possible. Two way communications enables the business to send an alert to the IT team giving them the option to reply with “available and onsite”, “available and offsite” or “not available”. Organisations can build a clear picture of the incident and prepare for downtime if necessary.
Combined, multi-modality and two way communications transform critical communications from an incident alerting platform into a communications tool where organisations can respond smarter and faster. In situations where multi-modal communications and response templates are deployed together, response rates to messages increase from around 20% of recipients to more than 90%.
Critical communications in action
CLS operates the largest multicurrency cash settlement system in the foreign exchange (FX) market. Launched in 2002 and owned by the world’s leading financial institutions, the organisation operates globally and offers settlement services for 18 currencies. On average, CLS settles USD 5 trillion of payment instructions every day for its clients.
CLS needed a solution that would streamline its IT incident management practices.
After extensive research CLS chose to implement Everbridge’s mass notification and IT incident management tools to provide it with a multifunctional communications platform that could send notifications to high numbers of people and devices in an efficient and reliable way. Everbridge’s platform ensures that in the event of an incident, there is no delay in informing employees and management of the situation and deploying resources to resolve it.
As technology continues to advance, cyber-attacks are on the rise and organisations need to have the tools in their armoury to be able to communicate and recover quickly in the event of a crisis. It is an organisation’s response to a cyber-attack that will determine the severity of its impact. Critical communications platforms can help businesses prepare for a breach to limit downtime and damage. Companies have a duty of care to keep customer information secure. Legal implications could be applied if responsibilities are not fulfilled. An efficient, well-practiced incident response plan can maintain brand reputation and ensure a business is not forever known for the number of customer bank details or thousands of pounds worth of revenue it lost.
What does cybersecurity look like for the financial sector in 2021?
By Neill Lawson-Smith, managing director at CIS
The landscape is changing incredibly fast, with cybercriminals using the most up-to-date technology to hack systems. Here are the six areas those in finance should be watching out for…
The finance and insurance sector is increasingly becoming a notable target for cyber attacks. Many of these breaches happening are believed to be due to inadequate security measures when teams or businesses are using cloud services.
The financial industry is also being affected by changes in processes with more fintech, virtual banks, and other digital disruptors impacting the market. The landscape is changing incredibly fast, with cybercriminals using the most up-to-date technology to hack systems, so it is therefore up to the financial sector to keep up to avoid security breaches.
What does this look like for the year ahead in the financial sector? Here are the Six areas those in finance should be watching out for:
- AI securityand cyber defence
Both Cybercriminals and cyber defence are commonly using Artificial Intelligence (AI). In cybersecurity, it is used to identify new threats, as well as assess the effectiveness of the responses to threats, enabling them to foresee and essentially block attacks before they happen. It is also used to spot behavioural patterns and can quickly identify possible infiltrations.
Hackers have also started to use AI to make it easier for them to get past security systems in place. This year, it is likely that AI will be increasingly used as a means of gaining personal details (i.e. credit card details) as well as optimising spam phishing campaigns.
- Mobile cybersecurity in banking
With the number of consumers using their mobile devices for banking and financial transactions increasing, especially since the COVID-19 pandemic has rendered society predominantly cashless, cybercriminals have been heavily targeting mobile systems. For example, mobile malware only targets mobile phone operating systems. The most common forms of mobile malware are virus and trojans, spyware and madware (mobile adware), phishing campaigns, and browser exploits.
This means it is now more important than ever to protect mobile devices to the same extent as traditional hardware.
The same protocols that are in place to ensure your staff PCs and laptops are secure now, need to also be applied to their mobile devices as well, such as:
- Ensuring the latest versions of the operating system and other applications are installed.
- Installing a firewall.
- Enabling mobile security software to protect against malware and viruses.
- Using password protected lock screens.
- Ensuring apps are only downloaded from official sites like Apple App store and Google Play.
- Multi-factor authentication
Multi-factor authentication adds an extra layer of security to all your business networks by ensuring every transaction or login is supported by at least two security measures for access. It is one of the easiest security measures to implement within your business and is becoming more common within the financial sector for many transactions. The traditional username and password are becoming increasingly easy for cybercriminals to acquire, whereas adding an extra identification method, that is not easily accessible to the hackers, ensures an extra layer of protection.
The most commonly used multi-factor authentication methods are:
- Passwords – They should be complex and comprise at least eight characters and be a combination of upper- and lower-case letters, numbers, and special characters.
- One-time use code – A randomly generated code sent via SMS or email which is used only once. With weaknesses in mobile networks and email accounts, these can however be intercepted by hackers.
- App generated codes – a code generated by an app on a mobile phone often created by scanning a QR code that contains a ‘key’. As the key is stored on the phone itself this is less likely to be intercepted by a third party.
- Physical authentication keys – this is a USB which the user inserts every time they login from a new computer. Unfortunately, they don’t work on all devices without adapters (such as iPhone, MacBook or Android).
- Biometrics – Using a fingerprint, voice, or an eye dent is an effective identifier. They are extremely difficult to hack but if they are, they cannot be used ever again for anything.
- Information – this could be something that only the user would know – either a password or a piece of information.
Most of these methods are free or relatively cheap to implement and don’t require anything other than a mobile phone for the user. The added security of multi-factor authentication means even if a hacker has acquired a username/password combination there is still an extra security barrier preventing access.
- Refined testing
As the finance industry is constantly changing, then so too are the security threats. Financial cybersecurity is an ongoing commitment, so installing new anti-virus software and implementing MFA, and stopping there is not going to keep you protected for long. It requires ensuring software and firewalls are up to date as well as ensuring access is regularly updated. In addition to this constant maintenance regular testing of the systems is essential. All systems have vulnerabilities, and as these change, cybercriminals learn to overcome them, and therefore software develops.
One thing to remember is that it is not possible to be over-cautious when it comes to cybersecurity. Regular penetration testing essentially identifies any weaknesses in your systems before the cyber criminals do. It is essential to schedule penetration testing or vulnerability scans at least once a quarter unless compliance dictates otherwise. They can be carried out using a vulnerability scanner.
- Hiring the right people
It is crucial to have the right team on hand to ensure your systems are up to date, regularly tested and maintained is essential.
Your IT team should have the following skills and knowledge:
- Knowledge and understanding of the company’s IT infrastructure
- Knowledge of cybersecurity best practices
- Understanding of company processes and data flows
- Up to date knowledge of cybersecurity solutions
- Plan a Defence, Prepare for Attack…
Although businesses can take many precautions, there are limitations on skills, investment and timescales in implementing a comprehensive cybersecurity infrastructure, it is essential that appropriate procedures, policies and processes are established to ensure that an appropriate response is carried out in the event of a detection – whether manual or ideally automated – so that whenever an attack occurs, the appropriate and proportionate response is carried out immediately to limit any further damage or intrusion.
Data protection: it’s time to reassess your security strategy
By Tony Pepper, CEO of Egress
It’s no secret that the Covid-19 pandemic has created a perfect storm of cybersecurity risk. External threats are heightened, but there’s also a higher level of internal risk too, exacerbated by home working. With most financial services organisations planning to continue with mass remote working for the foreseeable future, it’s important for security teams to review their strategy and assess whether it still works in this new landscape. When it comes to insider threat, there are three key areas that IT leaders should focus on: building a positive culture around security, understanding their organisation’s level of risk and protecting their people.
- Build a security-positive culture
Many organisations have unknowingly instilled a security-negative culture among their employees, where people are punished or shamed if they cause a security incident. While they might think that this would discourage employees from causing data breaches for fear of repercussions, this actually makes your organisation less secure. Our Outbound Email Security Report found that 62% of organisations rely on their people to report email data breach incidents – and if employees are too afraid to come forward, that means your business is at risk of developing a security blind spot.
A security negative culture won’t actually prevent data breaches caused by human error, something which organisations need to recognize as largely unavoidable without technological intervention; it just delays remediation, which makes every incident worse. By creating a security-positive culture, you can better engage and educate employees, as well as ensure you’re able to rapidly triage any incidents if they occur.
- Understand your risk
When mapping out your risk, you’ll likely find that the picture looks very different to how it did even a year ago. In the past, organisations have focused on their networks and their devices when it came to security strategy. While these are vital areas for consideration, what hasn’t been as well-addressed to date is the human aspect of risk, particularly human error. You need to look closely at the tools that your employees are using daily to facilitate digital communication with clients and colleagues, including when sending sensitive information.
Employees are specifically using email more than ever before – our recent research found that 94% of organisations are sending more emails due to Covid-19, with one-in-two IT leaders reporting an increase of more than 50%. With this expansion of email volumes comes an increase in the risk that an email containing sensitive data might be misdirected. Remote working has also heightened the threat – our research found that 35% of organisations’ serious email data breaches were caused by remote working. Why? The causes lie in their behavior and the environments in which they operate. Some individuals may feel they’re able to take more risks away from the “watchful eyes” of their Security team, and every employee is faced with a myriad of distractions that make them more likely to make a mistake.
It’s time for organisations to take stock of their risk by looking at where gaps in their security might exist – and provide safety nets for their employees that can automatically detect and mitigate inadvertent data breaches and risky behaviour.
- Protect your people
It goes without saying that not all data breaches are caused by malicious activity. An overwhelming amount of data breaches are caused by hardworking employees making honest mistakes, from sending an email to the wrong person to responding to a phishing attack. Unfortunately, human error is an unavoidable part of life, and mistakes will happen. In the past, many organisations have taken the approach that employee error can be ‘trained away’, embarking on comprehensive security training programs in the hope that security incidents might decrease.
Unfortunately, if that were the case, then employee activated data breaches would be a thing of the past! Organisations need to employ a multifaceted approach when it comes to avoiding accidental insider data breaches – education and training remain an important element, but ultimately businesses need to implement the right technology to provide a safety net for their people. Many organisations have legacy DLP solutions in place that cannot mitigate the risk as they fail to fully understand employees’ behaviour.
Often, these tools stand in the way of productivity, prompting users even when there isn’t a legitimate risk. When click fatigue sets in, these solutions become ineffective, with users ignoring prompts whenever they appear. Luckily, advances in machine learning mean that there’s technology available to prevent insider data breaches such as misdirected email, by deeply understanding the way that users behave and the context in which they share data, to ensure emails are sent to the right recipients with the right level of security.
The vast majority of organizations will never go back to every employee working full time within the office environment, instead post-pandemic we will see a myriad of different approaches – with some based in the office, while others work at home part or full-time, and as the world opens up again, their locations may change throughout the day. To mitigate risks from inadvertent errors to intentional data exfiltration, CISOs must address their security culture and protect their human layer with intelligent controls that mitigate employees’ behaviors and stop breaches before they happen.
Sumitomo Life Insurance Selects Talend to Build Company’s Data Infrastructure
Leading life insurer uses Talend in data lake environment for data analytics
Talend (NASDAQ: TLND), a global leader in data integration and data integrity, announced today that Sumitomo Life Insurance Company, one of the Japan’s leading life insurance companies, has selected Talend Data Fabric for its data analytics infrastructure.
Sumitomo Life aims to become the most trusted and supported company by its stakeholders, including its customers, and to grow sustainably and stably. Sumitomo Life’s vision is to offer advanced products to enable customers to live vigorously. To respond to that, the company is developing and delivering cutting-edge products that respond to its customers’ current and expected futures needs in areas focusing on nursing care, medical insurance and retirement planning.
“With the trust from our customers as the starting point of all our activities, Sumitomo Life is providing optimal life insurance services to every person through the sound management of the insurance business,” said Mr. Masakazu Ohta, General Manager in Charge of Information System Department at Sumitomo Life. “As a new approach, it was necessary to build a common foundation for big data management, and Talend is the driver. Talend’s superiority in cloud implementation, development productivity, features, and licensing model convinced us to be part of this journey together.”
To meet the needs of its customers and offer them innovative products and services, Sumitomo Life has decided to build a foundation for data analysis (Sumisei Data Platform) in the cloud for the promotion of new insurance products. The company evolved its legacy data environment to the new environment where they can store the data extracted from various systems both on-premises and effectively in the cloud.
In order to meet the needs of each individual customer and provide the best insurance for them, Sumitomo Life uses Talend Data Fabric as the hub of its data infrastructure. This manages data across the organization and integrates data into a data lake, which makes them able to utilize data across the company.
“We have been able to release projects with the continuous support of Talend, even amid the changing business environment in the Covid-19 crisis. We will continue to collaborate with Talend in order to actively promote company-wide data analysis projects,” added Mr. Ohta.
“The insurance market is one of the most competitive sectors. By facing tight regulations and complex customer needs, companies must be at the forefront of innovation to offer even more services and new products to its customers,” said Kenji Tsunoda, Country Manager Japan, at Talend. “Talend helped Sumitomo Life reinvent its data-driven infrastructure to provide a data management platform that enables the development of advanced products for its customers. We are delighted to support Sumitomo Life in the pursuit of their vision.”
UK might need negative rates if recovery disappoints – BoE’s Vlieghe
By David Milliken and William Schomberg LONDON (Reuters) – The Bank of England might need to cut interest rates below...
UK economy shows signs of stabilisation after new lockdown hit
By William Schomberg and David Milliken LONDON (Reuters) – Britain’s economy has stabilised after a new COVID-19 lockdown last month...
Dollar extends decline as risk appetite favors equities
By Stephen Culp NEW YORK (Reuters) – The dollar lost ground on Friday, extending Thursday’s decline as improved risk appetite...
Bitcoin hits $1 trillion market cap, soars to another record high
By Gertrude Chavez-Dreyfuss and Tom Wilson NEW YORK/LONDON (Reuters) – Bitcoin touched a market capitalization of $1 trillion as it...
Shares rise as cyclical stocks provide support; yields climb
By Saqib Iqbal Ahmed NEW YORK (Reuters) – A gauge of global equity markets snapped a 3-day losing streak to...
Battling Covid collateral damage, Renault says 2021 will be volatile
By Gilles Guillaume PARIS (Reuters) – Renault said on Friday it is still fighting the lingering effects of the COVID-19...
Portable Oxygen Concentrators Market to Register 7.8% CAGR Through 2026; Sales to Surge as Oxygen Therapy Becomes Crucial in Covid-19 Treatments
Portable oxygen concentrator manufacturers are largely concerned with the maintenance of inventories throughout the coronavirus crisis, with optimization of supply...
Cancer Supportive Care Products Market to Reach US$ 32 Bn by 2030; Sales Limited by Complications for Cancer Patients Through Covid-19 Infections
The cancer supportive care products market is anticipated to reach a valuation of US$ 32 billion by 2030. The industry is expected...
Bronchoscopes Sales to Rise 1.5x Between 2018 and 2028; Potential Covid-19 Diagnostic Applications to Generate Lucrative Growth Opportunities
Bronchoscope manufacturers remain focused on development initiatives to improve product functionality and accuracy for higher adoption amid healthcare facilities. The bronchoscopes...
US$ 1.1 Bn Hypoparathyroidism Treatment Market Still in Infancy
Mushrooming incidences of thyroid cancer have amplified the number of thoracic surgeries, thus stimulating growth of hypoparathyroidism treatment market. Future...