
The Twitterverse got its chance to pose cyber risk questions to a panel of distinguished experts at the NetDiligence® Cyber Risk Summit in Santa Monica on October 16. RMS and NetDiligence teamed up to host a live #ChatCyberRisk Q&A session at the conference. The experts on hand included Vinny Sakore, Chief Technology Officer, NetDiligence; Russell Thomas, Principal Engineer – Cyber, RMS; and Christos Mitas, Vice President – Model Development, RMS.

Which cyberattacks will grow in prominence? Vinny Sakore sees more and more attacks against individuals – especially high net worth individuals, with personal cyber insurance coverage becoming an important issue in the future.

And the biggest driver of cyber risk for organizations? Russell Thomas stated that the main ones remain; contagious malware (including ransomware) and data theft/exfiltration will continue to be the most prominent types of attacks with potential for severe or catastrophic loss to victims. The number of attacks will also grow as more firms, government organizations, schools, etc. become more dependent on automated processes and e-commerce. Financial risk due to business interruption stands out as the immediate risk driver; in a 2018 survey of 1,300 global companies, 34 percent of companies reported business interruption due to cyberattack.

Whether the biggest threat is a data breach, malware, or something else is largely sector dependent. For an e-commerce firm making its money on the web, DDoS or cloud outage can be catastrophic. For large financial services firms, both data breach and contagious malware are big drivers. For the largest and rarest loss events, risk drivers for large banks would be large-scale cloud outage (malicious or not) and SWIFT-type financial theft by advanced threat groups.


And although not fully mature, cyber-physical attacks are increasing in prominence. Russell added that threat actors will start to use cyber-physical attacks to either make money or achieve political goals. Also, the scope and scale of these attacks could change, with the potential to increase dramatically, dependent on threat actor capabilities, goals, and strategies. The larger risk to all companies from this is a major infrastructure outage. 

Malware Evolves

One of the main threats, malware, continues to evolve, and the panelists looked at the forces driving this evolution. Christos Mitas from RMS saw a continued “spill-over” and collaboration between state-sponsored and cybercrime groups, as well as the availability of packaged malware toolkits and “malware-as-a-service” for less-skilled actors. The ease of deploying malware kits is lowering the threshold for the “bad guys” to start a cyberattack.

Advanced threat actors are now chaining together multiple malware sets (e.g. banking trojans) and repurposing them to carry out new types of attacks, e.g. large financial thefts and attacks on industrial control systems. Vinny added that, due to the successful monetization of ransomware attacks, he does not foresee a decline in ransomware but continued growth.

Russell Thomas suggested that we are living in a target-rich environment, a combination of many vulnerabilities together with immature defenses. There is the homogenization of deployed software, and an attack surface expanding dramatically due to the Internet of Things (IoT), in critical applications such as medical, automotive, etc.

He added that security by design is not yet widespread. Currently, not many threat actors focus on cyber-physical attacks, given their goals (monetary, intelligence, geopolitical), but this could quickly change if a few more “puzzle pieces” fall into place. Vinny Sakore cited an example from earlier this year, when the DHS and the FDA alerted cardiologists, hospitals, and patients that hundreds of thousands of implanted defibrillators, programmers, and heart monitors could be hacked.

The fight back against cybercrime also evolves. Russell Thomas was asked how public and private sector groups are partnering to stop cybercrime. Russell stated that there have been many collaborations over the last ten years around standards and data sharing, but with the landscape changing so fast, such as with the rise of e-commerce or IoT, there is always more to be done. Some issues seem outside of these efforts, such as “hack-back” or inter-government cyber conflict.

Vinny Sakore cited the National Cyber Forensics and Training Alliance (NCFTA) as a great example of public-private groups working together, and he suggested that, informally, forensic cyber firms collaborate with law enforcement such as the FBI.

And how could cyber risk models support a stronger understanding of how to manage evolving cyber risk? Christos Mitas reminded attendees to align models with decisions. Cyber risk models, especially financial modeling, are best for big decisions like resource allocation, IT and business architecture, policy decisions, etc., but maybe not so good for low-level “which vulnerability should we patch” decisions. Cyber risk models such as RMS Cyber Risk Solutions enable regular updates to track trends and apply them for effective management of cyber portfolios of subjects at risk.

Wrapping up the chat, Vinny Sakore looked to the future and asked how we can make a real step-change in tackling cyber risk. He raised the example of irrigation systems that were revolutionized by creating models based on sensor data. Vinny asked us to imagine what we could do by mining endpoint data from devices and servers, and as Professor @alexstamos from Stanford University and a former CISO at Facebook reminds us, “breaches are like hurricanes, we can’t stop them but we can figure out how to survive them.”

View the whole #ChatCyberRisk conversation here, and to find out more about RMS Cyber Risk Solutions, click here.


Devonne Cusi
Public Relations Manager

Devonne works as a Public Relations Manager for the Americas, responsible for ensuring communications about RMS research, solutions and services reach target audiences and stakeholders across the Americas and the Caribbean.

She is based at the RMS office in Hoboken and has a background in business-to-business communications for the insurance and financial, real estate, and technology sectors. Devonne holds a bachelor’s degree in American Studies from George Washington University.
