InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
A Resilient Organization Starts with Cyber Resilience —Here’s Why
Global events, such as recessions and pandemics, create enormous social and economic challenges that impact organizations and their management. From employee and customer satisfaction to financial difficulties, supply chain disruption and skyrocketing cyberattacks, top-level management oversees a wide range of concerns.
As business owners aim to address multiple challenges that may be a threat to their organizations’ success, resilience is a trending buzzword. Organizational resilience is an organization's ability to foresee, plan for, respond to and adapt to gradual change and unexpected disruptions to survive and thrive.
Even during the most recent COVID-19 pandemic, organizations that already practiced methods to cultivate resilience through remote/hybrid work, digital acceleration and more, showed that they can quickly recover from setbacks and have an advantage over competitors.
If you want to prioritize resiliency within your own business, one of the first steps you should take is building cyber resilience. Cyber resilience refers to an organization's ability to consistently deliver the desired outcome in the face of adverse cyber events.
Cyber Resilience Powers Transformation
According to Forrester, cyber resilience is more than just a security imperative. It’s the foundation of a strong business and brand. This is one of the reasons why over 65% of organizations are investing in improving their cyber resiliency posture.1 Businesses across the globe have begun to realize that it’s time to look inward and identify and close security gaps to build a more resilient future.
While establishing cyber resilience, consider the following:
- You must deploy tools to detect, evaluate and handle network and information system risks, including those that affect your supply chain.
- It’s critical to identify irregularities and potential cybersecurity issues through continuous network and information system monitoring before they morph into severe threats.
- Implementing an incident response strategy is crucial to ensure operational continuity where you can bounce back quickly even if you are the victim of a cyberattack.
- Always ensure that your cyber resilience strategy is overseen by top management and integrated into day-to-day operations.
Companies that invested in cyber resilience expected to get the following results1:
- Increased secure collaboration within the organization
- Better preparedness, response and/or remediation skills in the event of a security incident
- Improved integration of people, processes and technology
How to Improve Your Cyber Resilience
Employee training
Stay current with technological advances and the threat landscape
Reset your security systems
Adopt advanced technologies
Partner with an MSP
If you’re ready to take the first step towards building cyber resiliency in your organization but aren’t sure where to start, contact us to schedule a no-obligation consultation.
Sources:
- Cyber Resilience Study
A Resilient Organization Starts with Cyber Resilience —Here’s Why
Global events, such as recessions and pandemics, create enormous social and economic challenges that impact organizations and their management. From employee and customer satisfaction to financial difficulties, supply chain disruption and skyrocketing cyberattacks, top-level management oversees a wide range of concerns.
As business owners aim to address multiple challenges that may be a threat to their organizations’ success, resilience is a trending buzzword. Organizational resilience is an organization's ability to foresee, plan for, respond to and adapt to gradual change and unexpected disruptions to survive and thrive.
Even during the most recent COVID-19 pandemic, organizations that already practiced methods to cultivate resilience through remote/hybrid work, digital acceleration and more, showed that they can quickly recover from setbacks and have an advantage over competitors.
If you want to prioritize resiliency within your own business, one of the first steps you should take is building cyber resilience. Cyber resilience refers to an organization's ability to consistently deliver the desired outcome in the face of adverse cyber events.
Cyber Resilience Powers Transformation
According to Forrester, cyber resilience is more than just a security imperative. It’s the foundation of a strong business and brand. This is one of the reasons why over 65% of organizations are investing in improving their cyber resiliency posture.1 Businesses across the globe have begun to realize that it’s time to look inward and identify and close security gaps to build a more resilient future.
While establishing cyber resilience, consider the following:
- You must deploy tools to detect, evaluate and handle network and information system risks, including those that affect your supply chain.
- It’s critical to identify irregularities and potential cybersecurity issues through continuous network and information system monitoring before they morph into severe threats.
- Implementing an incident response strategy is crucial to ensure operational continuity where you can bounce back quickly even if you are the victim of a cyberattack.
- Always ensure that your cyber resilience strategy is overseen by top management and integrated into day-to-day operations.
- Increased secure collaboration within the organization
- Better preparedness, response and/or remediation skills in the event of a security incident
- Improved integration of people, processes and technology
How to Improve Your Cyber Resilience
Employee training
Stay current with technological advances and the threat landscape
Reset your security systems
Adopt advanced technologies
Partner with an MSP
If you’re ready to take the first step towards building cyber resiliency in your organization but aren’t sure where to start, contact us to schedule a no-obligation consultation.
Sources:
- Cyber Resilience Study
The National Rifle Association (NRA)
https://www.nbcnews.com/tech/security/cybercriminals-claim-hacked-nra-rcna3929
Exploit: RansomwareNational Rifle Association: Gun Rights Activist Group
Risk to Business: 1.417= Severe
Guess who’s back? Cybersecurity researchers believe that the notorious Evil Corp has rebranded itself as Grief, the group that has claimed responsibility for a probable ransomware attack at The National Rifle Association (NRA). Grief posted 13 files to its news website last Wednesday after they claimed to have hacked the NRA. The gang is threatening to release more of the files if they’re not paid, but no ransom demand was specified. NBC News reported that the files it saw were related to grants. The samples provided by the gang include blank grant proposal forms, a list of recent grant recipients, an email to a recent grant winner earlier this month, a W-9 form and the minutes from a September 24th NRA teleconference meeting.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware can be used to steal and publicize sensitive information that a company doesn’t want exposed.
PracticeMax
https://www.govinfosecurity.com/phi-stolen-in-practice-management-firms-ransomware-attack-a-17813
Exploit: RansomwarePracticeMax: Medical Practice Management Services
Risk to Business: 1.822=Severe
A ransomware attack on medical practice management services firm PracticeMax may have exposed Protected Health Information. The company notified members of Village Health that they may have been impacted by a cyberattack in April and May of 2021. VillageHealth is a care coordination program for patients with chronic conditions run by DaVita Inc. and offered through health plans including Anthem and Humana. PracticeMax indicates the breach affected more than 4,400 of its members in legal filings, but a company statement warns that they cannot say for sure that any data was actually accessed or stolen.
Individual Risk: 1.703=Severe
In breach notification letters being sent on behalf of DaVita, Humana and Anthem, PracticeMax says the incident affected PHI including members’ first and last name, date of birth, address, phone number, Social Security Number, member ID number and clinical data pertaining to services received through the VillageHealth program.
How It Could Affect Your Business: Service providers that handle a lot of valuable data have been favored targets of ransomware groups looking to profit in the booming data markets.
United States – Schreiber Foods
https://www.zdnet.com/article/schreiber-foods-back-to-normal-after-ransomware-attack-shut-down-milk-plants/Exploit: Ransomware
Schreiber Foods: Dairy Processor
Risk to Business: 1.442=Extreme
Wisconsin-based dairy powerhouse Schreiber Foods said its plants and distribution centers are back up and running after a ransomware attack ground operations to a halt over the weekend. The company announced that a “cyber event” had disrupted operations at its processing and distribution centers after critical systems were knocked or taken offline. Schreiber uses a variety of digital systems and computers to manage milk processing, so this event impacted the entire dairy supply chain in the US. This is the latest incident in a string of massive production-impacting cyberattacks against agricultural sector targets. The company is the largest milk processor in Wisconsin, and it has reportedly been hit with a $2.5 million ransom demand.
Customers Impacted: Unknown
How It Could Affect Your Business: In September, the FBI released a notice warning companies in the food and agriculture sectors to watch out for ransomware attacks aiming to disrupt supply chains.
Canada – Toronto Transit Commission (TTC)
https://www.cbc.ca/news/canada/toronto/ttc-ransomware-attack-1.6231349Exploit: Hacking
Toronto Transit Commission (TTC): Government Entity
Risk to Business: 1.615= Severe
The Toronto Transit Commission was the victim of a ransomware attack that it says began last Thursday night and expanded on Friday. Officials were quick to assure the public that the attack has not caused any significant disruption to transit service and the public and employees are not at risk. They specified that transit vehicles are continuing to service their routes, but apps and computer displays of route information are being affected. There’s no word on when those functions will be restored.
Customers Impacted: Unknown
How it Could Affect Your Business: Cyberattacks on infrastructure targets are common, and that means that organizations that run and serve them need to step up their security game.
United Kingdom – Graff
https://www.dailymail.co.uk/news/article-10148265/Massive-cyber-heist-rocks-high-society-jeweller-Graff.htmlExploit: Ransomware
Graff: Jeweler
Risk to Business: 1.512= Severe
The Conti ransomware gang made headlines again with a successful ransomware attack against high-society jeweler Graff. The company counts clients like Donald Trump, David Beckham, Oprah Winfrey and other major-league clientele. Graff operates at the top end of the diamond jewelry market, with more than 60 retail stores worldwide. Reports say that the Conti group has already posted 69,000 confidential documents on its dark web leak site including client lists, contact data and other proprietary information. Ransom demands are reported to be in the millions of pounds.
Customers Impacted: Unknown
How it Could Affect Your Business: Firms like Graff not only have records on deep-pocketed clients, they also have records on transactions that those clients may want to have kept quiet.
Poland – C.R.E.A.M. Finance
https://securityaffairs.co/wordpress/123861/cyber-crime/cream-finance-cyber-heist-130m.htmlExploit: Cryptojacking (Misconfiguration)
C.R.E.A.M. Finance: Decentralized Lending Platform
Risk to Business: 1.595 = Extreme
For the third time this year, cybercriminals have hit lending platform C.R.E.A.M. Finance, stealing cryptocurrency. This time, thieves made off with $130 million worth of cryptocurrency assets. According to the experts, the attackers have likely exploited a vulnerability in the platform’s flash loan feature, then transferred the stolen funds to a wallet under their control before splitting them through other wallets. This is the third successful heist from the platform this year. Crooks jacked $29 million in August 2021 and $37 million in February 2021.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals are always hungry for cash and crypto is the currency that they prefer, so stealing it will continue to be a popular option.
Thailand – Centara Hotels & Resorts
https://www.zdnet.com/article/luxury-hotel-chain-in-thailand-reports-data-breach/
Exploit: RansomwareCentara Hotels & Resorts: Hotel Chain
Risk to Business: 1.637 = Severe
The Desorden ransomware group claims to have stolen over 400GB of files and databases containing information belonging to millions of hotel guests of Thailand’s Centara Hotels & Resorts. The hotel chain is part of Central Group, a conglomerate that also includes the Central Restaurants Group, which it hacked earlier this month. The hackers made it clear that this attack was in retaliation for the Central Group’s refusal to pay the ransom for the first attack after negotiating and promising payment. That incident would have provided a ransom payment of $900,000 before Central Group backed out of the deal on Tuesday, spurring the second attack.
Individual Risk: 1.818 = Severe
The company admitted that attackers had in fact breached their system and accessed the data of some customers. The data accessed includes names, booking information, phone numbers, email addresses, home addresses and photos of IDs. Whether or not passport data was included was not specified but it is commonly requested. The theft is said to have affected guests who stayed at the hotel chain between 2003 and 2021, including any guests that made advanced bookings up to December 2021.
How it Could Affect Your Business: Big pools of information are catnip to ransomware gangs, especially highly desirable PII or credit card data.
The National Rifle Association (NRA)
https://www.nbcnews.com/tech/security/cybercriminals-claim-hacked-nra-rcna3929
Exploit: RansomwareNational Rifle Association: Gun Rights Activist Group
Risk to Business: 1.417= Severe
Guess who’s back? Cybersecurity researchers believe that the notorious Evil Corp has rebranded itself as Grief, the group that has claimed responsibility for a probable ransomware attack at The National Rifle Association (NRA). Grief posted 13 files to its news website last Wednesday after they claimed to have hacked the NRA. The gang is threatening to release more of the files if they’re not paid, but no ransom demand was specified. NBC News reported that the files it saw were related to grants. The samples provided by the gang include blank grant proposal forms, a list of recent grant recipients, an email to a recent grant winner earlier this month, a W-9 form and the minutes from a September 24th NRA teleconference meeting.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware can be used to steal and publicize sensitive information that a company doesn’t want exposed.
PracticeMax
https://www.govinfosecurity.com/phi-stolen-in-practice-management-firms-ransomware-attack-a-17813
Exploit: RansomwarePracticeMax: Medical Practice Management Services
Risk to Business: 1.822=Severe
A ransomware attack on medical practice management services firm PracticeMax may have exposed Protected Health Information. The company notified members of Village Health that they may have been impacted by a cyberattack in April and May of 2021. VillageHealth is a care coordination program for patients with chronic conditions run by DaVita Inc. and offered through health plans including Anthem and Humana. PracticeMax indicates the breach affected more than 4,400 of its members in legal filings, but a company statement warns that they cannot say for sure that any data was actually accessed or stolen.
Individual Risk: 1.703=Severe
In breach notification letters being sent on behalf of DaVita, Humana and Anthem, PracticeMax says the incident affected PHI including members’ first and last name, date of birth, address, phone number, Social Security Number, member ID number and clinical data pertaining to services received through the VillageHealth program.
How It Could Affect Your Business: Service providers that handle a lot of valuable data have been favored targets of ransomware groups looking to profit in the booming data markets.
United States – Schreiber Foods
https://www.zdnet.com/article/schreiber-foods-back-to-normal-after-ransomware-attack-shut-down-milk-plants/Exploit: Ransomware
Schreiber Foods: Dairy Processor
Risk to Business: 1.442=Extreme
Wisconsin-based dairy powerhouse Schreiber Foods said its plants and distribution centers are back up and running after a ransomware attack ground operations to a halt over the weekend. The company announced that a “cyber event” had disrupted operations at its processing and distribution centers after critical systems were knocked or taken offline. Schreiber uses a variety of digital systems and computers to manage milk processing, so this event impacted the entire dairy supply chain in the US. This is the latest incident in a string of massive production-impacting cyberattacks against agricultural sector targets. The company is the largest milk processor in Wisconsin, and it has reportedly been hit with a $2.5 million ransom demand.
Customers Impacted: Unknown
How It Could Affect Your Business: In September, the FBI released a notice warning companies in the food and agriculture sectors to watch out for ransomware attacks aiming to disrupt supply chains.
Canada – Toronto Transit Commission (TTC)
https://www.cbc.ca/news/canada/toronto/ttc-ransomware-attack-1.6231349Exploit: Hacking
Toronto Transit Commission (TTC): Government Entity
Risk to Business: 1.615= Severe
The Toronto Transit Commission was the victim of a ransomware attack that it says began last Thursday night and expanded on Friday. Officials were quick to assure the public that the attack has not caused any significant disruption to transit service and the public and employees are not at risk. They specified that transit vehicles are continuing to service their routes, but apps and computer displays of route information are being affected. There’s no word on when those functions will be restored.
Customers Impacted: Unknown
How it Could Affect Your Business: Cyberattacks on infrastructure targets are common, and that means that organizations that run and serve them need to step up their security game.
United Kingdom – Graff
https://www.dailymail.co.uk/news/article-10148265/Massive-cyber-heist-rocks-high-society-jeweller-Graff.htmlExploit: Ransomware
Graff: Jeweler
Risk to Business: 1.512= Severe
The Conti ransomware gang made headlines again with a successful ransomware attack against high-society jeweler Graff. The company counts clients like Donald Trump, David Beckham, Oprah Winfrey and other major-league clientele. Graff operates at the top end of the diamond jewelry market, with more than 60 retail stores worldwide. Reports say that the Conti group has already posted 69,000 confidential documents on its dark web leak site including client lists, contact data and other proprietary information. Ransom demands are reported to be in the millions of pounds.
Customers Impacted: Unknown
How it Could Affect Your Business: Firms like Graff not only have records on deep-pocketed clients, they also have records on transactions that those clients may want to have kept quiet.
Poland – C.R.E.A.M. Finance
https://securityaffairs.co/wordpress/123861/cyber-crime/cream-finance-cyber-heist-130m.htmlExploit: Cryptojacking (Misconfiguration)
C.R.E.A.M. Finance: Decentralized Lending Platform
Risk to Business: 1.595 = Extreme
For the third time this year, cybercriminals have hit lending platform C.R.E.A.M. Finance, stealing cryptocurrency. This time, thieves made off with $130 million worth of cryptocurrency assets. According to the experts, the attackers have likely exploited a vulnerability in the platform’s flash loan feature, then transferred the stolen funds to a wallet under their control before splitting them through other wallets. This is the third successful heist from the platform this year. Crooks jacked $29 million in August 2021 and $37 million in February 2021.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals are always hungry for cash and crypto is the currency that they prefer, so stealing it will continue to be a popular option.
Thailand – Centara Hotels & Resorts
https://www.zdnet.com/article/luxury-hotel-chain-in-thailand-reports-data-breach/
Exploit: RansomwareCentara Hotels & Resorts: Hotel Chain
Risk to Business: 1.637 = Severe
The Desorden ransomware group claims to have stolen over 400GB of files and databases containing information belonging to millions of hotel guests of Thailand’s Centara Hotels & Resorts. The hotel chain is part of Central Group, a conglomerate that also includes the Central Restaurants Group, which it hacked earlier this month. The hackers made it clear that this attack was in retaliation for the Central Group’s refusal to pay the ransom for the first attack after negotiating and promising payment. That incident would have provided a ransom payment of $900,000 before Central Group backed out of the deal on Tuesday, spurring the second attack.
Individual Risk: 1.818 = Severe
The company admitted that attackers had in fact breached their system and accessed the data of some customers. The data accessed includes names, booking information, phone numbers, email addresses, home addresses and photos of IDs. Whether or not passport data was included was not specified but it is commonly requested. The theft is said to have affected guests who stayed at the hotel chain between 2003 and 2021, including any guests that made advanced bookings up to December 2021.
How it Could Affect Your Business: Big pools of information are catnip to ransomware gangs, especially highly desirable PII or credit card data.
The Role of Compliance in Cybersecurity
The overall technology landscape is evolving at a breakneck pace. While these changes are meant to improve the quality of life, the unfortunate flip side is an increase in cyberthreats. This is why global cybersecurity spending increased from nearly $40 billion in 2019 to $54 billion in 2021.1 Unfortunately, due to a lack of spending on personnel or technology, SMBs are most likely to be targeted by threat actors.
Many organizations fall victim to cybercrime because compliance and security are not a high priority for them. For your organization to run smoothly, both compliance and security are critical. While compliance ensures that your organization stays within the bounds of industry or government laws/regulations, security ensures that your organization's integrity and vital data are safeguarded.
Know These Benefits
The following are the reasons why adhering to industry compliance regulations is so important from a cybersecurity perspective:
Encourages trust
Improves security posture
Reduces loss
Increases control
Industries and Regulations
While each industry has its own set of cybersecurity issues, some overlap. Phishing, for example, is a threat that almost all industries face. To combat these challenges, each sector has its own set of compliance and regulatory standards with specific provisions for security and privacy.
Some regulations apply to multiple industries as well. Note that compliance regulations change from one country to the next and sometimes even within the same country. Let’s take a look at some of the industries and their associated regulations:
Healthcare
In the healthcare industry, shared data is highly sensitive. Cybercriminals who steal protected health information (PHI) usually fetch a high price for it on the dark web. Therefore, there are regulations in place, like the ones mentioned below, to ensure the secure handling of data:- In the United States, the Health Insurance Portability and Accountability Act (HIPAA) prohibits the disclosure of PHI without the patient's consent.
- In the European Union (EU), generic data protection laws, such as the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA), regulate the handling of health-related data.
Finance
Finance is often the most regulated sector because a big chunk of data revolves around payments and financial transfers. Some of the most popular regulations in this industry are listed below.- The Payment Card Industry Data Security Standard (PCI-DSS) is an information security standard aimed at reducing payment card fraud for organizations that deal with branded payment cards. The scope of this regulation goes beyond the financial industry.
- In Japan, the Act on the Protection of Personal Information (APPI) regulates the commercial usage of personal data.
- The EU's Payment Services Directive (PSD2) governs data transfer during end-to-end payments.
Defense
There are strict regulations in the defense sector since a breach could result in the disclosure of national secrets.- The Cybersecurity Maturity Model Certification (CMMC) governs the Defense Industrial Base (DIB) in the United States.
- In Australia, the Defense Industry Security Program (DISP) assists organizations in understanding and meeting their security duties when working on defense projects, contracts and tenders.
Upgrading the compliance and security posture of your business is no more an option but rather a necessary undertaking. However, it takes significant time and effort. Our expertise and knowledge can take a considerable load off your shoulders as you factor compliance into your organization’s cybersecurity posture.
Sources:
- Statista
- IBM CDBR 2020