Every time anything of value is on the move, it becomes vulnerable (as we know from every heist movie ever made). This is just as true for data. It’s another argument for using distributed cloud and distributed computing to keep data secure. It provides the option of leaving data where it is, and bringing processes close to the data when feasible. Bonfiglio thinks it’s useful to conceive the cyberthreat in biological terms. Like a virus, it is always with us. It will inevitably get through our defences, but hopefully our individual immune systems are smart enough to fend it off. When they aren’t, there are specialists available to help. And in a pandemic, we can cooperate with others. “IT previously believed it could protect anyone from attack. But reality tells us that’s impossible. You cannot live in an isolated, impenetrable bubble. If you do that, you cannot connect to the outside world – you will die. So, like with a real-world virus, we need vaccines, we need new habits, and maybe we’ll have to work to cure some of its effects. But we need to live with it.” HOW BAD CAN IT GET? An ounce of prevention is worth a pound of cure. Your mother was right. A cyberattack can be expensive – in all kinds of unforeseen ways. IBM’s ‘Cost of a Data Breach Report 2020’ (ibm. com/uk-en/security/data-breach) looks at just the fallout from a company data breach – never mind deliberate attacks designed to cause harm. The report
stopping it. There’s lost business, which can come from downtime or reputation damage. There’s the notification process of contacting, updating and engaging all parties who might have been affected by the breach. This includes communications with regulators and the ex-post response, which involves ongoing engagement with those affected, creating new accounts, or rebuilding services and paying regulatory fines or legal fees. While Bonfiglio extols the security of cloud and distributed data, the IBM report found that misconfigured clouds were one of the leading causes of data breaches. Again, it all comes back to competent IT management. The report said that the majority of malicious breaches were caused by financially motivated cyberattackers. Most hackers you’re likely to encounter just want the money. But many of these attacks are by opportunists – the cyber equivalent of going house to house to see who has left their door unlocked. The most costly attacks were by nation state actors. These are rarer, but potentially much more damaging. Nation states have been at work in the most destructive assaults on broadcasters, including the famous 2015 attack on TV5Monde in France, which nearly destroyed the channel permanently. Initially blamed on the IS terrorist group, it was later revealed as an assault run by the Russian cyber-espionage organisation APT28 (aka “Fancy Bear”).
The attack cost TV5Monde millions of euro and forced teams to use fax machines instead of email, until their IT system was safe to go back online. In March, Channel
notes four major cost centres for data breaches. There are detection and escalation costs, incurred in actually tracking down the source and cause of the breach, and
9 in Australia was hit with a ransomware
feedmagazine.tv
Powered by FlippingBook