Risk management software is a set of tools that help companies to prevent or manage critical risks that all businesses face – including financial, legal, strategic and operational risks. But, with the ever-increasing role digitisation is playing in the world, cyber-threats are on the rise.
External attacks on companies result in the most expensive cyber insurance losses, but it is employee mistakes and technical problems that are the most frequent generator of claims by number, according to a new report from Allianz Global Corporate & Specialty (AGCS), “Managing the Impact of Increasing Interconnectivity – Trends in Cyber Risk”. The study analyses 1 736 cyber-related insurance claims worth EUR660 million involving AGCS and other insurers from 2015 to 2020.
“Losses from incidents such as distributed denial of service (DDoS) attacks or phishing and ransomware campaigns account for a significant majority of the value of cyber claims today,” says Catharina Richter, global head of Allianz Cyber Center of Competence, which is embedded into AGCS.
“Although cybercrime generates the headlines, everyday systems failures, IT outages and human error incidents can also cause problems for companies, even if their financial impact is not, on average, as severe. Employers and employees must work together to raise awareness and increase cyber resilience.”
Losses resulting from external incidents, such as DDoS attacks or phishing and malware or ransomware campaigns, account for the majority of the value of claims analysed (85%) according to the report, followed by malicious internal actions (9%) – which are infrequent but can be costly.
Accidental internal incidents, such as employee errors while undertaking daily responsibilities, IT or platform outages, systems and software migration problems or loss of data account for over half of cyber claims analysed by number (54%) but, often, the financial impact of these is limited compared with cybercrime. However, losses can quickly escalate in the case of more serious incidents.
Business interruption is the main cost driver behind cyber losses, accounting for around 60% of the value of all claims analysed in the report, followed by costs involved with dealing with data breaches.
“Whether due to ransomware, human error or a technical fault, the loss of critical systems or data can bring an organisation to its knees in today’s digitalised economy,” says Joerg Ahrens, global head of long-tail claims at AGCS.
“The inability to access data for an extended period of time can have a significant impact on revenues – for example, if a company is unable to take orders. Similarly, if an online platform is unavailable due to a technical glitch or cyber event, it could bring large losses for companies that rely on it, particularly given today’s increasing reliance on online sales or digital supply chains.”
There are luckily various means of mitigating cyber risks. One such innovative solution is the Dtex Intercept 6.0, a first-of-its-kind insider threat management solution that delivers always-on, human-centric security by proactively illuminating dangerous activity.
J2, a security-focused African technology business (founded in 2006), has heralded new features to the solution from Dtex (a workforce intelligence company), which will prevent data loss and protect the workforce wherever they may be.
J2 CEO John McLoughlin says next-generation cybersecurity must focus on the human factor. “This is the most important aspect of any business’s ability to operate safely and efficiently. Intercept 6.0 allows businesses to easily see, understand and act on contextual technical and behavioural intelligence.”
According to the global research and advisory firm Gartner, one of the keys to success in building an Insider Threat Management Program is to “determine risky behavioural patterns, using past incidents and cross functional input, and correlate the technical as well as behavioural threat indicators to analyse each incident in its full context”.
Intercept 6.0 continuously collects and synthesises more than 500 unique elements of enterprise telemetry from data, machines, applications and people to surface dynamic “Indicators of Intent” that combine to deliver holistic and contextual awareness about an enterprise workforce’s activities.
These elements are enriched in near real-time using advanced behavioural models that are mapped against a person’s normal activity and peer group baselines.
Dtex’s predictive analytics engine continuously processes, scores and stacks “Indicators of Intent” to stream live status updates, trend analysis and, when required, trigger notifications of abnormal activity that deviate from baselines and indicate elevated risks to an interactive, all-in-one dashboard for forensic investigation, protective action and cross-functional reporting. This can be delivered from the cloud or on-premise.
New features and capabilities like advanced analytics capabilities include Automated Activity Correlation, Peer Group Anomaly Detection, Immediate “Known-bad” Behaviour Alerts and Advanced Rule Based Behaviour Profiling. This includes profiling of new or rare processes / URLs and IP addresses.
McLoughlin points to the enhanced lightweight forwarder. “The V6 forwarder adds several important data collection categories and an improved client to server communication architecture for ‘near-zero’ impact to the endpoint, as well as faster data post-processing. Technical highlights include data capture from endpoint event logs and always-on file hashing (configurable algorithms).
“Unlike other solutions that are restrained to only analysing people or devices of interest once identified by human analysts, Dtex Intercept 6.0 was purpose-built to scale and protect the entire organisation up to millions of users, endpoints and servers continuously.”
Preparation and training of employees can also significantly reduce the consequences of a cyber event, especially in phishing and business email compromise schemes, which can often involve human error. It can also help mitigate ransomware attacks, although maintaining secure backups can limit damage.