The Advantages of a Strategic Partnership in the Cybersecurity Environment
Are you fully alert to the danger of cyber-attack? It’s important to be aware of the threat and the urgent necessity of preparing for it. The most effective means of addressing cyber-risks is a systematic cybersecurity approach developed and implemented in partnership. In this article we take a brief look at what’s involved.
Things are dangerous out there – and getting more dangerous
A dramatic increase in cyber-attacks on financial institutions was recorded during the Covid-19 pandemic. According to the latest «Modern Bank Heists» report, attacks on the financial sector increased by no less than 238 percent from the beginning of February to the end of April 2020. This is more than a tripling.
But it’s not just the number of attacks, mostly with ransomware, that has increased dramatically. Cyber criminals are also demanding ever higher ransom money from the banks: the amount increased ninefold between the beginning of February and the end of April 2020.
Don’t underestimate the threat
If you weren’t fully aware of the gravity of this matter and the importance of being better prepared in the future, here are a few examples of major cyber incidents, both current and recent:
Cybersecurity more crucial than ever
In the future, cybersecurity will always have to be an essential part of a company’s processes – and not only in the insurance industry, of course. Until now, however, this has not been so easy, as there has simply been a lack of experience and – as a result – of «best practices».
That said, companies have gained a wide range of experience in recent years, so their development and progress could be said to be going in the right direction. Even so, the subject has only progressed fairly slowly in recent years. Why? For one thing there’s the challenge of embedding this important topic in existing processes and procedures. It’s often very difficult for managers to show their employees what their tasks are (who, when, what, and with whom), and where they can be found in the process.
How to address cyber-threats in partnership
These legacy issues should be addressed through cybersecurity or ecosystem partnerships. Such partnerships must have the necessary resources to methodically prevent damage of any kind to businesses, taking into account and building on their specific experience.
It’s also very important to involve all employees in the upcoming organizational (structural) and mental changes entailed in this approach. This helps in terms of successfully implementing the procedure in the specific company setting and making sure that employees see and understand their role in the newly established process and that their tasks and responsibilities are clear.
Look out for and navigate the pitfalls
While they have great advantages, such partnerships also pose challenges that shouldn’t be underestimated, especially at the beginning of the establishment/institutionalization process. Top management has to think in terms of a risk-based approach. This means breaking down silo structures that have evolved organically to minimize, or ideally eliminate, internal frictional losses. This is a prerequisite for smooth cooperation with external ecosystem partners.
For such a strategic partnership to work, the necessary measures (relationship management) must be worked out together in advance to build mutual trust. This is extremely important in the event of a cyber incident or attack. It also creates the basis for joint, structured, and efficient cooperation if such an incident occurs. Trustworthy and clear communication (both internal and external) is another important point when it comes to avoiding potential damage to the company's reputation.
This is where fine-tuning comes into play to sharpen understanding of everyone’s roles, responsibilities, and decision-making powers, and to avoid possible confusion.
What approach should you take to cybersecurity?
There are various approaches when it comes to identifying and verifying leaks in business processes.
Here we’d like to describe one proven way of going about it. This approach to cybersecurity addresses both the deficiencies and their impact on governance, organizational structures, and processes. The aim is to enable organizations to focus their defenses on the most likely and threatening cyber-risk scenarios, and to strike a balance between effective resilience and efficient operations.
The approach is divided into five phases.
The foundation of cyber-resilience is a strategic framework, including an inventory of data sets, systems, and devices, and an evaluation of their criticality. There is clear governance defining responsibilities, plus a risk management system comprising detailed process steps for identifying, assessing, and limiting cyber risks.
This phase involves establishing and testing solutions to prevent cyber-threats. These solutions include, for example, role-based access management with strict administration of authorizations, security solutions with functions for recovery, and awareness training for employees. Protecting sensitive data is a top priority.
Active monitoring of security-relevant information and a warning system for cyber threats guarantee timely detection of anomalies and incidents. This requires not only technical tools, but also professionally competent employees and clearly defined processes.
In the event of a security incident, the company must respond quickly and precisely to prevent data loss and the resulting financial and reputational damage. This phase includes, for example, isolating affected networks and users, troubleshooting, so-called “patching” of firmware, operating system, applications, drivers and hardware, and appropriate crisis communication. To mitigate damage, responsibilities and process steps must also be clearly defined in this phase.
Systems and data that have been affected by an attack must be restored in a timely manner. An appropriate recovery strategy is essential to minimize the impact on daily business. The strategy defines, for example, the use of tools to verify the recovery, the process of gathering evidence, and the verification of backup integrity.
Synpulse can help you ensure successful implementation of this approach by working with experienced cybersecurity ecosystem partners with gilt-edged references. Thanks to this combined know-how and a systematic approach, we can make sure the procedure is up and running quickly with minimal involvement of your employees.
Synpulse and its network of cybersecurity ecosystem partners have successfully completed implementation projects for many clients. Our support spans the following services:
- Defining use and abuse cases
- Defining security requirements
- Risk analysis
- Code review (tool-supported)
Manual and automated procedure (RPA, AI, etc.)
- Risk-based security test
- Risk analysis (checking the attack surface/points, checking for application fuzziness)
- Penetration testing
- Security measures (ongoing security monitoring and support, manual penetration checks)