What is cyber risk?

As traditional companies embark on digital transformation – while digital native startups enter the market in droves – cyber risk has become an inherent part of every company’s risk management strategy. Deloitte Insights points to “collective connectivity” as the root of a vastly increased cyber threat landscape that heightens cyber risk: “From our homes to our workplaces to our cars and airports, our collective connectivity increases the digital attack surface for cyber, with potential threats cutting across smart factories, health care institutions, and even home appliances.” Cyber risk is any risk “associated with financial loss, disruption or damage to the reputation of an organization from failure, unauthorized or erroneous use of its information systems.” PwC

Why is cyber risk a
business issue instead
of an IT one?

Which cyber tactics and
techniques contribute to
cyber risk?

How does the supply
chain affect cyber risk?

What is the role of a cyber
risk assessment?

How does IronNet help
organizations with cyber
risk management?

Why is cyber risk a business issue instead of an IT one?

“Becoming literate in cyber risk doesn’t mean that all executives need to become technical experts. What it does mean is that they need to be able to establish their company’s tolerance for cyber risk, define the outcomes that are most important in guiding cybersecurity investment, and be able to foster a culture of cybersecurity and resilience.”
Does Your Board Really Understand Your Cyber Risks?, Daniel Dobrygowski and Derek Vadala
Harvard Business Review
It’s clear that cyber risk goes well beyond IT. Today’s highly sophisticated hackers are on a relentless mission, teaming up to launch coordinated, targeted, and damaging cyber attacks across the global digital landscape. As a result, we‘re seeing an increase of cyber threats, successful cyber attacks, and a resulting erosion of trust among both consumers and B2B customers — in every sector.

Think about the recent SUNBURST attack, for example, which exposed more than 18,000 companies through a backdoor hack?
Does your third-party risk strategy extend across your entire supply chain ecosystem?

Which cyber tactics and techniques contribute to cyber risk?

Cyber threats are far and wide, ramping up cyber risk across sectors and geographies. As nation-state adversaries such as Russia, Iran, and China advance their own interests, such as the SolarWinds attack, those outlined in “The 4 strategic goals behind recent Iranian cyber attacks” or China’s ongoing push to steal intellectual property, it’s important to recognize common threat tactics and techniques and, in turn, assess resulting enterprise risk.

Although they can vary by sector, some types of cyber threats are rampant across industries. The most common cyber attacks in 2020 have included phishing attacks, business email compromise (often associated with financial transfers, where criminals leverage the fact that business is often conducted via email), and ransomware. Another tactic to note are “living off the land attacks” (also called fileless malware, they can best be described as gaining additional access using the tools that already exist in the computing environment.

IronNet-Cyber-Risk-Phishing@2x

Phishing

IronNet-Cyber-Risk-Land-Attacks@2x

Living off the land attacks

IronNet-Cyber-Risk-Business-Email-Compromise@2x

Business Email Compromise (BEC)

IronNet-Cyber-Risk-Password@2x

Password-based attacks

IronNet-Cyber-Risk-Ransomware@2x

Ransomware

IronNet-Cyber-Risk-DDoS@2x

Distributed Denial-of-Service (DDoS) attacks

While phishing has taken center stage for years, BEC is becoming more and more common. This is a technique where the cyber criminal will pose as an authoritative source (e.g., often a company executive, buyer, or financial administrator) to infiltrate the enterprise network. Adversaries have recently shifted strategies by intercepting official correspondence emails and interjecting themselves in the conversation. It’s important to have a plan for preventing BEC, such as ensuring that everyone who may be involved with a “critical and urgent” financial transfer (often a sales executive, CEO, or CFO) has established a process that does not use email.
IronNet-Cyber Risk SEO-Procedures to defend

The latest on
ransomware

Ransomware remains a common cyber threat that weighs heavily on cyber risk. IronNet threat researchers recently performed lab detonation of publicly available ransomware variants to identify commonality among the metadata and artifacts, in order to discover and suggest development of detection and/or prevention capabilities.

Learn what they discovered about how ransomware has evolved and ways to detect it.

How does the supply chain affect cyber risk?

According to Accenture Security, “Indirect attacks against weak links in the supply chain now account for 40 percent of security breaches.” This underscores the need to shift from complacency to action, asking the question, “How secure are the third-party entities my company relies on to conduct its business?” The SUNBURST attack was a wake-up call for all industries.

Fortunately, many companies and organizations are now taking a closer look at their supply chain security and more proactively managing third-party risk in the wake of more prevalent and bolder attempts by nation-state adversaries to infiltrate —and steal or compromise proprietary data — through the weak links. A partnership model for securing supply chain ecosystems, such as
in the utilities sector, is an effective model for ensuring a collaborative approach to securing such vast, interconnected ecosystems.
IronNet-Cyber Risk-Air-Farm
IronNet-Cyber Risk-Securing-Supply-Chain-White-Paper
White Paper

Get the latest on supply chain risk in IronNet’s “Securing Your Supply Chain” white paper.

What is the role of a cyber risk assessment?

Cyber risk can be part of a more comprehensive risk assessment. A cyber risk assessment can measure how well a company has prepared itself to defend against and recover from such attacks — its cyber resilience. The reality is that attackers are innovating faster than defenders can respond. Even though Gartner projects that spending worldwide on info security will be 2018-2023 CAGR 8.7% worldwide, results have not kept up, as the number and severity of attacks indicate. Most cyber spend is on tools that have limited scope to detect sophisticated threats.

How does IronNet help organizations
with cyber risk management?

IronNet helps companies lessen and mitigate cyber risk with Collective Defense through network detection and response (NDR) and the power of real-time threat intelligence sharing. IronDefense is the industry’s most advanced network detection and response platform built to stop the most sophisticated cyber threats by drawing on ML-driven behavior analytics. Our cyber analytics lead to unparalleled visibility across the cyber risk landscape and empower SOC analysts to make faster network threat detection and response decisions.

IronDome is the first automated cyber Collective Defense solution that delivers threat knowledge and intelligence across industries at machine speed. With IronDome, a company or organization can collaborate with others across industries and sectors to stay ahead of evolving threats through real-time threat sharing.

Using the MITRE ATT&CK® Framework to assess cyber risk

The MITRE ATT&CK® Framework follows the threat intrusion cycle and delivers a crowd-sourced deep dive of how attacks are built, drilling down the common tactics to ways in which they are carried out. Accordingly, it is an effective and useful resource for seeing and analyzing the structure of an attack and assessing where it has (or potentially may have) an impact on the organization.

From there, an organization can identify whether it has the capabilities needed to detect the relevant threats to mitigate cyber risk.

IronNet Professional
Cybersecurity Services

Because cybersecurity is business strategy…

IronNet Professional Services can help you assess and strengthen your cybersecurity posture by leveraging our expertise defending the most secure commercial and government networks in the world.