According to a recent report from Experian, a global information services group, businesses can expect to see an increase in the number and severity of cyber attacks in 2017. The report also predicts that a large number of politically-motivated cyber attacks near the end of 2016 will escalate into a larger cyber attack conflict, and that businesses in the financial, security and health care industries will be the most frequently targeted.
What is Cyber Risk?
Cyber risk is the risk of financial loss, disruption, or damage to reputation as a result of breaches of data security, including unathorized disclosure of data, and comprise or failures of IT systems.
Specefic Examples Includes:
Security breaches where sensitive information is stolen or disclosed
Theft or loss of digital assets
Business interruption due to a virus shutting down a network
Costs associated with damage to data records caused by a hacker
As a part of the report, Experian made five major predictions for cyber attacks in 2017:
Password breaches will contribute to the abandonment of the password as a security measure. Although the theft of login IDs and passwords constitutes a short-term threat, the report states that cyber criminals continue to sell passwords long after they are stolen. And, as businesses and consumers are lured into a false sense of security after their password is unknowingly stolen, passwords alone will begin to fall out of favor. Instead, the report emphasizes that two-factor identification-where two separate pieces of authentication evidence are required-should be used by businesses to defend against cyber attacks.
New, sophisticated attacks will continue to target the health care industry. Because medical identities and information remains relatively easy to access and profitable for hackers, the health care industry will continue to be a target in 2017. The report also states that large establishments, such as hospital networks, will continue to face threats like ransomware, a type of attack where an organization is "locked out" until a financial ransom is payed.
Politically-motivated and state-sponsored attacks will become more common. The large number of high-profile cyber attacks at the end of 2016, along with the accusation that many of the attacks were state-sponsored, may lead to businesses being affected by the collateral damage of these attacks. Additionally, the report predicts that such attacks will only grow as politically-motivated hackers seek retaliation against others.
Hackers will focus on payment-based attacks, despite new credit card security measures. Although the switch to EMV chip cards and the PIN liability shift were expected to protect against payment breaches, uneven adoption could lead to additional cyber exposures in 2017. Additionally, criminals are beginning to use sophisticated skimming machines to steal card data at physical retail and ATM locations.
A failure to explore insurance protections for cyber attacks could prove very costly.