The cyber attack and subsequent breach of UK ISP and phone company TalkTalk has dominated the IT headlines over the past few weeks. It’s already predicted to cost the firm an estimated £35 million and is just the latest example of a growing threat that is undermining CISOs’ efforts to keep IP and customer data safe and secure: targeted attacks. We’re not talking about limited nation state activity here. The ability to launch laser-focused data-stealing attacks designed to lift your company’s most sensitive data right from under your noses, without tripping any alarms, is now in the hands of the many.
Cyber adversaries aren’t paid to bypass the network. Instead, they want to obtain the “pot of gold” by finding, copying and monetising the data, intellectual property and sensitive communications that reside within your network. They accomplish this by researching, designing and executing purpose-built attacks that bypass traditional controls, repurposing internal networks to laterally move throughout an organisation. Continue reading →
Another week, another attempt to quantify the staggering losses that can result from a major cyber attack. This time, it was accounting giant Grant Thornton International which noted that one in six businesses have been hit over the past year, at a potential total cost of over £200 billion. The firm surveyed 2,500 business leaders in 35 economies, so the results likely to be more accurate than most. However, with data breach reporting still only compulsory in the US, that figure could still represent just the tip of the iceberg.
What is clear, is that targeted threats are amongst the most expensive and potentially devastating cyber incursions an organisation can experience. Our new research revealed at CLOUDSEC last week, puts the average cost at around £172,000 for UK firms. But it also reveals that there are things that every firm can do to reduce the financial and reputation impact of such an attack. Continue reading →
Operation Aurora, Shady RAT, Woolen-Goldfish and now Iron Tiger: we’ve all been talking about targeted cyber attacks for so long now that it sometimes pays to stand back and take stock of exactly where we are as an industry. That’s what we have done with a new piece of research in partnership with Quocirca surveying attitudes towards these advanced, highly covert threat campaigns. We asked 500 European IT decision makers whether they thought targeted attacks had increased of late; the potential impact on their respective organisations; and what steps they’d take to mitigate such attacks.
The findings prove that senior IT leaders are finally waking up to the threat, as more and more of their peers are humbled by these laser-focused attacks. Continue reading →