Displaying items by tag: Application protection

Addresses rising Web DDoS attacks and DORA compliance deadline

COMPANY NEWS: Radware, a global leader in application security and delivery solutions for multi-cloud environments, announced it expanded its agreement with one of Italy’s top 5 banks. Based on the agreement, the financial institution will use Radware’s end-to-end suite of network and application security and application delivery solutions. This includes Radware’s Cloud Application Protection and Cloud DDoS Protection Services as well as its Alteon® application delivery controller with its Global Elastic License (GEL).

Published in Security

COMPANY NEWS: Check Point CloudGuard recognised as a leading cloud native security platform by Frost & Sullivan, with new reports ranking it at the forefront

Published in Company news

GUEST OPINION: Paul Crighton, Managing Director ANZ at Barracuda Networks

People and businesses take out insurance to cover their potential losses from all kinds of adverse events: fire, flood, storm and theft are threats for which cover is commonly sought. There has also been a growing trend in recent years of businesses taking out insurance to cover the cost of damage caused by cyber attacks, but the ecosystem around cyber insurance is much more complex and evolving more rapidly than conventional types of insurance.

By far, the biggest cyber threat against which organisations seek insurance cover is ransomware. However, unlike other conventional risks where the insurance covers the cost of remediation following an adverse event, the damage from a ransomware attack can potentially be mitigated by paying the ransom, and having insurance cover often places this decision in the hands of the insurer.

Insurers are no longer paying up so easily

In the past, insurers were much more likely to help policyholders cover losses and minimise damages from a ransomware attack. However, in the face of increasingly frequent and costly attacks, insurers are tightening their parameters.

They are placing more stringent requirements on clients, which is forcing organisations to pay more attention to their cyber security measures. In the past, organisations tended to be somewhat lax because they had cyber insurance, but increasingly insurers are demanding strong cyber security measures as a prerequisite for taking out a policy.

While these requirements are having a positive impact by lifting the overall level of cyber security in Australian businesses, awareness is still much lower than it should be, with only 20 per cent of SMEs and 35-70 per cent of larger businesses taking out cover specifically for cyber risk.

If you try to take out an insurance policy against burglary, chances are the insurer will require you to have some basic security measures such as window locks and deadlocks, or they will bump up the premium significantly if you don’t. It is becoming a similar case with cyber insurance: insurers are increasingly demanding clients have some basic cyber security measures, such as:

  • Requiring all users to authenticate themselves with unique passwords, biometrics, or digital ID.
  • Ensuring system access is limited only to those who require it to perform their roles, enforced through a policy of least privilege.
  • Multifactor authentication (MFA) for all access to cloud services and critical devices, and all users accessing services remotely.
  • They may also require all sensitive data to be encrypted in storage and transit, and for mission-critical data to be regularly backed up and isolated so it cannot be compromised by ransomware.

What effect is this having on the cybersecurity industry?

All of this external pressure is a good thing for Australia’s cybersecurity industry. It can help CISOs get the necessary budget to introduce more cybersecurity measures against which there might normally be internal resistance. However, having cyber insurance can also increase the chance of a cyber attack! If attackers are able to ascertain that an organisation has insurance, they may believe they have a better chance of extracting a ransom.

A recent global survey of senior IT and IT security decision-makers across multiple industries found 77 per cent of organisations with cyber insurance had been hit by a successful ransomware attack in the previous year compared to 65 per cent without cyber insurance.

And whatever compensation a cyber insurance policy might provide, it can never guarantee replacement of encrypted data, or compensate for the reputational damage inflicted on an organisation when large amounts of sensitive personal data on customers are exfiltrated and exposed on the dark web – as recent high-profile attacks against major Australian organisations have demonstrated.

It is therefore extremely important that organisations aren’t overly reliant on cyber insurance. They must have robust measures in place to prevent attackers from gaining access to corporate IT systems and to minimise the damage attackers can cause if they are successful.

The four basic tools all organisations should have in place:

1. Email protection: Deloitte has estimated that 91 per cent of all cyber attacks begin with a phishing email. Using AI-powered email protection can help prevent these attacks by analysing thousands of emails around the world to identify and block phishing attempts. Security awareness training is also an effective way to prevent phishing emails from being opened and allowing system compromise.

2. Application protection: Hacking web applications has become an increasingly popular way to gain access to wider company networks. Thankfully, tools such as WAF or WAF-as-a-Service are available that can offer comprehensive protection for applications, whether these are deployed on-premises, in the cloud, or across both environments. The best tools are constantly updated to offer protection against emerging threats: they collect threat data from worldwide networks of sensors and customer traffic and use machine learning and artificial intelligence to update protection tools in near real time.

3. Network security: The rise in remote working precipitated by COVID has greatly increased the scale and vulnerability of many corporate networks. There’s a new approach to securing networks that all organisations should be aware of and consider adopting. It’s called Secure Access Service Edge (SASE), and it combines a range of security features, including VPN and SD-WAN, secure web gateways, cloud access security brokers, firewalls and zero-trust network access, and delivers all of these from the cloud.

4. Backups: Having a reliable backup (or multiple) is essential to protect vital data against error, system malfunction, natural disaster and criminal activity. But crucially, backups must provide the ability to recover data easily and rapidly and restore normal operation in the event of any kind of disruption or data loss. For many business operations, minimising downtime caused by disruption is a high priority. Not all backups are created equal, and organisations need to look for a solution that restores data efficiently and easily, from any point in time.

The takeaway:

Getting these four aspects of data and system protection right (email security, application protection, network security and backups) should be the first priority for any organisation before it starts considering cyber insurance, which can do nothing to protect against attacks or prevent the damage to operations and reputation that ensues.

https://assets.barracuda.com/assets/docs/dms/2023-Ransomware-insights-report.pdf

https://www2.deloitte.com/my/en/pages/risk/articles/91-percent-of-all-cyber-attacks-begin-with-a-phishing-email-to-an-unexpected-victim.html

https://actuaries.asn.au/Library/Opinion/2022/CyberRiskGreenPaper.pdf

 

Published in Guest Opinion
Thursday, 02 June 2022 11:38

Radware and OneSecure expand partnership

Cyber security and application delivery solutions provider Radware and managed security service provider OneSecure have expanded their partnership agreement to include Radware's Application Protection-as-a-Service and Cloud DDoS Protection Service.

Published in CHANNEL NEWS

COMPANY NEWS: Radware, a leading provider of cyber security and application delivery solutions, today announced it has been named a leader and outperformer in the Innovation hemisphere of GigaOm's Application and API Protection Radar report.

Published in Company news

GUEST INTERVIEW: Daniel Smith is the Head of Research at Radware, and he joined me for a discussion on understanding cyber criminals, DDOS attacks, security conferences, ransomware, the pandemic, hacker groups and much more - and it's no teddy bear's picnic.

Published in Guest Interviews

GUEST INTERVIEW: Daniel Smith is the Head of Research at Radware, and he joined me for a discussion on understanding cyber criminals, DDOS attacks, security conferences, ransomware, the pandemic, hacker groups and much more - and it's no teddy bear's picnic.

Published in Security
Thursday, 03 September 2020 22:50

Beware - excessive permissions are the #1 cloud threat

GUEST OPINION by Eyal Arazi, Radware: Migrating workloads to public cloud environment opens up organisations to a slate of new, cloud-native attack vectors which did not exist in the world of premise-based data centres.

Thursday, 03 September 2020 22:39

Beware - excessive permissions are the #1 cloud threat

GUEST OPINION by Eyal Arazi, Radware: Migrating workloads to public cloud environment opens up organisations to a slate of new, cloud-native attack vectors which did not exist in the world of premise-based data centres.

Published in Cloud
