There were so many lessons learned during the Belgian Economic Mission that it’s difficult to pick just one, even when topics are narrowed.  Cybersecurity is a great example.  On June 8, we were invited to hear the latest on cyber-risks, threats and responses from William Beer, Accenture’s N.E. Financial Services Security Lead.  The venue for the presentation was Accenture’s New York Innovation Hub.  The Innovation Hub was spectacular, with impressive design of collaborative workspaces and innovative embedded technologies.  Mr. Beer also did not disappoint in providing his insight on the current state of affairs in cyber.

Here are topline takeaways from Mr. Beer’s presentation and other discussions during the event:

1. Threat intelligence reports are important tools in ensuring cyber defense and resiliency.
2. Ransomware continues as one of the most significant threats.  
3. Use of AI to facilitate ransomware and other attacks is increasing, including adversarial attacks against AI/ML.
4. Vulnerabilities in cloud security controls and application security are being prioritized by companies.
5. In response to evolving risks, cyber insurance policies are becoming more expensive and including more limitations and exclusions.   

In 2022, no one questions the criticality of robust cybersecurity anymore.  Cyber-risks for companies continue to increase as cyber threats evolve.  Given continually evolving threats, Mr. Beers highlighted the importance of threat intelligence reports in ensuring security.  Tactics of adversarial actors change at a much greater pace now in response to defenses, so regular threat intelligence reports are critical to ensuring proper defenses and resiliency.

Ransomware continues to be one of the most significant threats to companies, non-profits and governments.  Surveys of CIOs and CISOs indicate that ransomware is one of the top threats that keeps them up at night.  Artificial Intelligence is an effective tool in supporting cyber defenses, but ransomware and other attacks are also being facilitated using AI (including bots).  Further, adversarial attacks meant to directly compromise AI/ML algorithms are increasing.  

Layered with the increased threats facing companies are newly exposed vulnerabilities in their systems.  While the Cloud is commonly used by companies now, there has been a realization that Cloud security controls do not operate in the same way as controls implemented to protect traditional hosted environments.  In addition, ensuring application security has become an elevated priority, particularly given the new tools cybercriminals are using to facilitate ransomware and other attacks.  This problem has become so pronounced that, in addition to vulnerability scanning and other security/risk assessments, some companies are now requesting third-party review of source code for vulnerabilities.

The rapidly shifting cyber-risk landscape is a root cause behind our last takeaway, which should be noted by any company covered by a cyber-risk insurance policy – the cost and exclusions in cyber policies are rising quickly as insurers adjust to the current risk profile.  Insurers are learning more about coverage areas that are driving claims and are adjusting rates and exclusions accordingly.  For example, newer cyber-risk policies are likely to have either new limits or exclusions (or both) on claims for ransomware attacks.  Such policies may also include additional requirements for showing that cyber defenses are properly implemented, and that resiliency is prioritized and tested.

To summarize my take aways, the constantly shifting cyber landscape makes threat intelligence reports an important tool in ensuring proper defenses are implemented.  Ransomware continues to be a significant threat and the techniques used by bad actors to facilitate ransomware and other attacks are evolving quickly.  AI is being used both to facilitate attacks and as a tool for cyber defense.  Given current threats, cloud and application security are priorities for companies.  Companies also should be prepared for cyber insurers to change terms the next time the policy renews.