IS YOUR DATA PREPARED FOR AN INEVITABLE CYBER STRIKE?

DOWNLOAD PDF VERSIONSUBSCRIBE TO NEWSBYTES
;

In this edition of LTO NewsBytes, we will explore news and commentary related to Cyber Insurance, which has become a prominent aspect of the data protection marketplace. This exploration will include the purpose of Cyber Insurance, the state of the market, risk management, ransomware protection strategies, and the role that LTO technology plays in protecting your organization and valuable data assets against cyber-threats.

Let’s begin with cyberattacks.

YOUR DATA COULD BE NEXT

Before we define and explore Cyber Insurance, let’s recognize that the threat of cyberattack is an ongoing and seemingly never-ending menace for businesses of all shapes and sizes. The biggest danger is thought to be attacks involving ransomware. How prevalent are ransomware attacks? According to a Sophos study, “66% of respondents (reported) that their organization was hit by ransomware” in 2022 and 2023. A ransomware attack can cause considerable damage to an organization, including crippled operations, loss of revenue, reputational damage, loss of customers, repair costs, fines and ransom payments, which is why the interest in Cyber Insurance has grown.

RANSOM ATTACKS ARE COSTLY

As noted, ransomware attacks are flourishing and no organization is immune. Here are a few examples of these nefarious assaults found at Jumpcloud:

  • The central IT organization for the National Health Service covering London was attacked by a ransom gang that compromised the information of about one million patients in London hospitals.
  • 3TBs of sensitive data were stolen from The City of Columbus, Ohio. The city refused to meet ransom demands so all the data was dumped onto the dark web by the ransom group.
  • A very large Chinese shopping platform paid a ransom to prevent stolen customer data from being disclosed, but were confounded when the hackers immediately demanded another ransom.

A number of steps can be taken to protect an organization from such disruptions, as noted by David Balcar in his paper, Exploring the Ransomware Epidemic: Unraveling the Past, Understanding the Present, and Anticipating Future Threats, “Preventing ransomware attacks and mitigating their impact is crucial for organizational cybersecurity. A comprehensive strategy that incorporates technical defenses, organizational policies, and user education is essential,” Balcar stresses that “organizations that leverage tape backups rarely make headlines for paying ransoms.”  That’s right; back it up to LTO technology – more on that later. 

Cyberattacks can be quite costly which leads us to explore a financial safeguard and the main topic of this LTO NewsBytes article – Cyber Insurance.

WHAT IS CYBER INSURANCE

In the quest to mitigate the damage and manage the risk that can come from cyberattacks, organizations are now investigating and employing Cyber Insurance. TechTarget defines Cyber Insurance as “a contract an entity can purchase to help reduce the financial risks associated with doing business online. In exchange for a monthly or quarterly fee, the insurance policy transfers some of the risks to the insurer.”

“While Cyber Insurance cannot prevent cyber threats, it provides organizations with financial support and resources to maintain business continuity in the event of an attack. By combining Cyber Insurance with resilient storage strategies like tape, organizations can develop a more comprehensive and proactive protection strategy to safeguard their digital assets in today’s ever-evolving threat landscape.” – David Balcar, Cyber Security Expert and Chief Evangelist with NeXasure.

Cyber Insurance can cover a broad range of cybercrimes; as described by TechTarget above: it can cover “ransomware, cyber extortion, social engineering attacks, system failures and business interruptions from cybersecurity incidents.” TechTarget explains that Cyber Insurance can provide a number of benefits as shown in part below:

  • Protection against cyber risks: Cyber Insurance can provide network security coverage and assist in the timely remediation of cyber-attacks and incidents.
  • Financial protection: Cyber Insurance offers financial security against damage caused by cyber incidents. This includes expenses for investigations, credit monitoring services and potential legal responsibilities, among other costs.
  • Legal support: Legal assistance is frequently included with Cyber Insurance, which helps businesses navigate the complicated legal system around cyber events.
  • Peace of mind: Cyber Insurance provides businesses and individuals with a sense of security by guaranteeing their financial stability in the case of a cyber crisis.
  • Highlights commitment to security: Cyber Insurance coverage can make businesses and organizations exhibit a commitment to cybersecurity, which can boost reputation and confidence among customers, stakeholders and partners.

The TechTarget article emphasizes that Cyber Insurance does not cover everything. It states that what is typically not covered includes: preexisting breaches, events initiated by employees, infrastructure failures not caused by a purposeful cyber-attack, failure to correct a known vulnerability, and the loss of intellectual property value such as proprietary information.

ARE CYBER INSURANCE COSTS ON THE RISE?

As you can surmise, a risk/cost assessment would need to be undertaken to determine if Cyber Insurance is a good fit for an organization as well as additional precautionary and protective measures that can be employed.  The U.S. Government Accountability Office states that “while more companies may be looking for insurance against attacks, stability in premium rates and access to policies are changing. Large-scale attacks—such as … (the) Colonial Pipeline ransomware attack, which led to short-lived gasoline shortages in the Southeastern U.S.—have highlighted the potential for catastrophic financial damages. As a result, insurers are starting to take steps to limit their exposure to these losses.”Limiting exposure is prompting insurers to examine policy pricing structures. This csoonline.com article explains that “Enterprise executives are finding that (Cyber Insurance) policy costs are rising, and insurers are asking for more proof that strong cybersecurity strategies are in place before agreeing to provide coverage.” Never-the-less, more businesses are requiring that they and their partners have such coverage because the ‘cyberattack disease’ can spread to and from business partners. 

Could having Cyber Insurance make a business more attractive to cyber criminals? That remains to be seen. But, considering the costs of a cyber breach, when it comes to paying a ransom the FBI “does not support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee you or your organization will get any data back.”

AI WARFARE AND DEFENSE

AI is now being used as an attack weapon and as a defensive tool. A 2024 AI magazine article explains that “AI is being increasingly used to extort data from individuals and businesses of all sizes. It is expected that cybersecurity threats will become more personalized as AI uses continue to evolve, providing more opportunities for threat actors to obtain valuable information.” The author emphasizes that “the rise of deep fakes poses a significant threat to identity and access management, requiring organizations to prioritize solutions that verify genuine human presence and implement additional security measures.”

AI attacks can be fast and smart; therefore, using AI in defense against cyber-threats is increasing, leading to an arms race between the opposing sides: between malign hackers and cybercriminals and the ethical PEN testers and lawful experts trying to stop them. And both sides are using the same technology as an article at barracuda.com makes clear. “AI tools are becoming more effective at detecting and mitigating these threats.”

AI technology can be used in a variety of applications such as helping to protect email from phishing, to help train employees, and in security solutions such as XDR (extended detection and response) where AI based attacks can be more swiftly detected.

“Having Cyber Insurance is not a complete solution. Whether an organization invests in Cyber Insurance or not, protecting critical data assets with reliable storage solutions—such as tape storage—can significantly enhance cyber resiliency. Tape storage, with its inherent offline capabilities, provides a robust defense against ransomware and other cyber threats by ensuring secure, immutable backups that are immune to tampering.” – David Balcar, Cyber Security Expert and Chief Evangelist with NeXasure.

TAKE ACTION – PROTECT ASSETS

Security measures can be vast and wide in the pursuit of protecting organizational data assets. While Cyber Insurance has a role to play, the complexity and sheer volume of threats means businesses should still be looking for ways to deepen their defenses. The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 2.0 supports this view and provides guidance to industry, government agencies, and other organizations to manage cybersecurity risks. Amongst the guidelines, NIST advises in the Data Security (PR.DS) section that “Data are managed consistent with the organization’s risk strategy to protect the confidentiality, integrity, and availability of information.” It states that data-at-rest, data-in-transit, and data-in-use are protected and that backups of data are created, protected, maintained, and tested.

LTO Technology is a Critical Tool for the protection and security of backup data and can be considered a fundamental Cyber Insurance requirement. Redundancy is critical in a good backup strategy. Businesses should use both on-site and off-site backups for storing essential data. It’s critical that at least one form of backup, such as on tape, be stored separate from the primary backups. Store one copy on an off-site device, such as a redundant second site tape library. Let’s recall that when an LTO data cartridge is removed from the tape drive the data is offline and is not accessible by online bad actors. Ransomware cannot get to the air-gapped offline tape data. This cyber resiliency design can reduce organizational risk and is an inherent design of LTO tape technology.

In the event of a cyber intrusion to online data the offline LTO tape can save the day. Here’s how:

 

  • An offline LTO tape can be used to restore compromised data and reduce the impact and associated costs of a cyberattack.

     

  • The LTO data cartridge can be moved to an offsite location and used to restore data that is compromised at the primary location due to a flood, hurricane or other disasters.

     

  • The data on the LTO cartridge can be encrypted using LTO data encryption features so that the information is undecipherable if it were to get into the wrong hands.

FINAL THOUGHTS – VIDEO AVAILABLE

Cyberattacks are pervasive and continue to grow in sophistication. It behooves an organization to employ comprehensive data security measures as well as consider the viability of Cyber Insurance coverage with the fore thought to balance protection, risk, and policy affordability. Whether an organization utilizes Cyber Insurance or not: LTO technology is an essential component for long term data protection and defense against cyber-threats. See how LTO technology can help protect data assets against ransomware in this short video.