Taking a multi-faceted approach to cyber security

By: James N. Hallene :: November 12, 2019

Cyber security is the most important business risk for the second year in a row according to The Institute of Internal Auditors. As former Cisco CEO John Chambers once said, “There are two types of companies: those that have been hacked, and those who don’t yet know they have been hacked.” 

From global conglomerate to small business, the stakes are high when it comes to security breaches. Attacks are getting smarter, occurring faster and the incidents are becoming more complex. The dollar amounts are often staggering. Food and beverage giant Mondelez was hit by a cyber attack resulting in $114 million in losses. Equifax revealed in its earnings release this past May that dealing with its 2017 cyber security incident has cost about $1.4 billion plus legal fees. Globally, the average cost of a data breach in 2018 was $3.86 million according to this year’s Ponemon Institute Cost of a Data Breach Report. And, according to insurance carrier Hiscox, cyber attacks cost small business $200,000 on average.

Cyber crime is not just about the immediate impact on a company’s finances. It can force a business to dramatically change their business practices, their relationship with customers and suppliers, and stall or delay a company’s growth.

From large company to small, cyber crime is agnostic

The Trend Micro 2018 Cyber Risk Index shows that while all companies, regardless of size, mostly face the same types of risks, small and mid-size businesses are more susceptible to them due to several factors. The primary reasons: a lack of resources combined with a lack of focus on cyber security issues.

Larger middle market organizations are the most at risk for cyber crime as many have high volumes of valuable data but lack the robust security resources of their large-cap peers, making them exceedingly attractive to cyber criminals. Data from the RSM U.S. Middle Market Business Index survey shows that 15% of middle market executives said their company experienced a data breach in the last year. Additionally, more than half believe that an attempt to illegally access their company’s data or systems is likely.

Think about whom your firm shares data with. Your accountant and financial services provider probably come to mind first. But how about benefits, payroll, and HR services. Your insurance broker. Your IT provider. Any consultant that has access to your information, systems, and data can put you at risk.

Top cyber security concerns

Cyber security is a hot topic because of the massive amounts of data created every day, the increasing expectations of privacy, and tighter regulations and policies. The top cyber security issues on the table for 2020 include:

Cyber risks

These are risks that involve external threats, including attacks such as ransom ware, crypto currency miners, and botnets. Predictions are 2020 will be a banner year for ransomware and malware. While we’ve all heard of stories involving health care providers and financial organizations, manufacturing firms are particularly vulnerable because there are not uniform practices making a plant easy to secure. Many facilities have outdated equipment, with gaps in IT and operations technology creating network vulnerabilities.

The rise of cyber insurance

Midsize companies are becoming prime targets for cyber attacks because they often lack the resources and protocols of larger firms. The use of cyber insurance to help mitigate risks is growing in popularity, especially among the middle market. According to Dave Perkins, Executive VP at U.S. Risk Brokers, “pricing is quite competitive in the small and middle market space and coverage has evolved quickly.” Insurers are still trying to improve on their definition of coverage and how to assign risk, with many insureds lacking a solid understanding of their policies and coverage scope. One benefit of going through the process of obtaining cyber coverage is to identify weaknesses and possible areas for exposure, allowing the company to tighten up, find and address threats and start to scale to encompass emerging challenges.

Data, infrastructure and operational risks

Small and midmarket organizations that handle outsourced data-related work of large organizations are particularly vulnerable to data breaches. There are also risks that are due to the lack of secure technologies such as cloud servers, not to mention risk that arise out of flaws in security infrastructure. According to research from the Neustar International Security Council, 89% of cyber security professionals have expressed concerns about the third-party managed service providers they partner with being hacked. From business intelligence tools, cloud services, or automation solutions, businesses work with more and more third party providers each year. Multiplying the number of digital links to the organization increases the potential for risk. It is imperative every organization questions the security of their entire digital network, including all third parties they work with. Third-party providers’ service level contracts should contain a clause whereby they agree to disclose to their clients a breach within a certain timeframe – usually twelve hours.

AI and ML attacks—and solutions

Security technology is becoming increasingly sophisticated thanks to artificial intelligence (AI) and machine learning (ML), but advances in the cyber criminal world are close behind. Cyber criminals are using AI and machine learning to help them probe networks, find vulnerabilities and develop more ever more evasive malware.  However, both AI and machine learning are also rapidly becoming an important factor to protect, perceive and computerize incident response. AI tools can scan vast amounts of data and then use machine learning algorithms to look for patterns, learn how cyber attacks begin, and guide human decision-makers on how to respond. 

Turning Defense into Offense

Most of us are familiar with the phrase “the best defense is a good offense." This certainly holds true when it comes to falling victim to a cyber security breach. According to Drawbridge Partners, here are some solutions and best practices:

•Backup your data (local and offsite)

•Install the latest intrusion detection and intrusion prevention software

•Implement anti-virus and endpoint protection solutions

•Develop a vulnerability management program

•Ongoing phishing and training awareness exercises and examinations

•Two-factor authentication implemented across all systems (onsite and remote)

•Mobile device management

•Laptop hard drive encryption

The most universal solution to the problem of defense and offense? Realize there is no single way to move forward and craft a multi-faceted approach to cyber security. Drawbridge Partners suggests putting the following items in place:

•Create and maintain an incident response plan

•Highlight key internal and external stakeholders in the event of a breach

•Have a relationship with an incident/breach response firm or partner

•Test your incident response plans by periodically conducting a tabletop exercise.

One of the most important things to remember: on a day-to-day basis, employees are both your weakest link, and your strongest line of defense. Encourage every person on staff to play a role in combating online and cyber security threats. Take a proactive approach to educating your entire workforce about both cyber security threats and countermeasures before something comprises your systems, data, reputation or even livelihood.

James N. Hallene, Founding Partner

Jim is one of the founding partners of CapX Partners. With over 30 years of experience in private equity investments and banking, Jim’s considerable expertise has served the firm well in the areas of investor relations, new business development and portfolio management.

Prior to CapX, Jim founded Capital Concepts Holdings, LLC, a Chicago-based private equity investment firm. Jim also co-founded, and later sold, the data consolidation company, MaxMiles, Inc. For 15 years, Jim managed...