What does the cyber threat landscape in the UK currently look like?

For many businesses, cyber security is still a rarefied thing that is difficult to plan for and difficult to understand. So, to help Business Leader readers gain more of an understanding of what the threat landscape looks like, in our latest edition of Business Leader Magazine, we recently held a debate on the subject.

Sergio Caltagirone, who is Vice President of Threat Intelligence at Dragos, opened the conversation by giving an assessment of the current threats companies are facing.

He comments: “The biggest cyber security threat for companies is resilience in a changing threat environment and being able to keep up with what is going on.

“Dragos recently commissioned some research which showed that in 2020, 36% of companies in the industrial sector had external internet facing connectivity but in 2021, this had jumped to 70%, meaning there has been a huge increase in the remote management of systems and remote access to technology, which will mean a big increase in threats.

“In 2019, we didn’t see major intrusions into the industrial sector but in 2020 and 2021, we did and there was a lot more direct attack.”

With cyber-attacks seemingly more common, what can businesses do to mitigate the threats?

Caltagirone says: “It is not yet sufficiently reaching board level. Many are aware of the risks, but they aren’t actively managing it well. It’s not enough to just brief your board because until it is in your risk register, it is not getting dealt with. Another issue is that many companies have insufficient visibility, and they can’t tell you what has happened.”

Laurance Dine is Global Lead, X-Force IRIS Incident Response at IBM, and comments on the threat landscape.

He says: “Ransomware attacks are increasing along with phishing attacks and data theft is increasing a lot too, where company information is being stolen and sold to different threat groups. The UK is one of the most-attacked territories, and critical infrastructure and manufacturing are most attacked because these groups prey on people that are going to pay them. Manufacturing is strained due to Covid and the pressures that are being put on supply chains, which means they are well-placed to be attacked and pay the threat groups.”

On how cyber gangs are evolving, Dine says we can expect more of the same and a rise in ransomware as a service, where gangs acquire domain credentials and sell them on, asking for a percentage of any payment that is made. He also says that groups are happier to work in collaboration if they all get paid.

Vicki Bowles is a Data Protection Partner at VWV and says that human error is also still a key actor.

She comments: “Phishing is still a common threat our customers are dealing with and, in particular, human error, where an employee is responding to a corrupt email and inputting information that creates risk. In addition, we’re seeing more organisations that aren’t subject to a breach themselves, but a platform or supplier is, and they suffer a knock-on effect from this. If you work in personal data and you have a platform that you store data on, and this is hacked as a data controller, you’re responsible for that.”

Bowles says that businesses can mitigate risk by training staff and making sure that you do regular testing because for many companies, the organisational side isn’t as good as it should be.

If a business is attacked, it can often be a struggle to know what to do next and what legal recourse you have. Bowles explains: “A lawyer shouldn’t be the first person you talk to, and you should go to your insurer first, but there are legal remedies if it comes to this. The biggest hurdle is identifying the person who has caused the attack because if you can’t do that, you can’t act against them. It can sometimes cost more to investigate and find the perpetrator than your initial loss, and time can sometimes be better spent making sure it doesn’t happen again.”

Digital Transformation

The debate then turned to the subject of digital transformation, which has become a buzzword for many companies.

Caltagirone believes it is right for companies to embrace digital, but it can naturally mean more risk. He says: “It has become a buzzword, but what it means is the shift from companies being analogue or highly offline to more digital and we’re seeing more companies in the industrial and manufacturing sector embrace digital transformation because you can gain economies of scale by leveraging software and sending telemetry offsite.

“It is a risk though, because you’re adding more organisations to what you do, and this means onboarding more threats and more partners that may be breached and impact your business.”

Oliver Chapman, who is the Founder and Managing Director of OCI, comments: “There has been a huge transition in the digital supply chain, and we are shifting from physical trade to digital trade. By 2025, the global trade of physical products will be surpassed by digital purchases and sales. This is huge and, of course, it is going to mean more risk. Too many industries are archaic though, and working on paper, for example, and this will change fast.”

About Digital Transformation, Dine concludes: “Any type of digital transformation will bring on new partners, which means bringing on new adversaries, but you just need to manage your environment in a way that assumes there are threat actors out there.

“We are also seeing a lot of major breaches happen with mergers and acquisitions because a company will acquire another and then bring on their systems and you’ll see that the breach happened when the business plugged into some new systems. What we’ll also see is threat actors taking people out in your supply chain but asking you to pay for it. We have seen it a couple of times already, but it will happen more often.”