When cybersecurity firm Mimecast discovered in early 2021 that its systems were compromised, it wasn’t because hackers targeted the company itself. Rather, one of its suppliers had been targeted.
And not just by any hackers, either. The culprit in this case, according to experts? The APT29 entity, a group often associated with Russia’s Foreign Intelligence Service (SVR).
That’s just one example of the increasingly complex array of existential threats faced by modern organizations – and the threat landscape is only getting worse. Not only do the costs of a cyber attack or data breach rise practically by the day, but so does the likelihood of your organization experiencing such an incident through increasingly sophisticated exploits of software supply chain vulnerabilities.
Those are the main takeaways of two recent cybersecurity reports from IBM and the European Agency for Cybersecurity (ENISA). We’ll drill down into exactly what they mean for you and your organization below.
Data breach costs rising quickly
The 2021 version of IBM’s annual Cost of a Data Breach Report made for some grim reading: The year-over-year costs associated with data breaches rose by 10 percent in 2021 (from $3.86 million to $4.24 million). That’s the highest-ever cost since IBM began producing the report 17 years ago and the most significant cost increase in seven years.
The public sector led the way, experiencing an unfortunate 78.7 percent year-over-year increase in average total data breach costs.
IBM says most data breach costs are driven by detection and escalation; lost business, reputation, and revenue; notifications (of regulators, data subjects, and other third parties); and victim support activities.
Other cost highlights of the report include:
- The average cost per lost or stolen record was $161 – up from $146 per record in 2020
- Personally identifiable information (PII) was the most expensive record type, at $180 per record
- Data breaches took an average of 287 days to identify and contain
- Data breaches of 200-plus days cost an average of $4.87 million
But there was also some good news – especially for organizations with robust security measures in place. “Costs were significantly lower for some organizations with a more mature security posture,” reads the report, “and higher for organizations that lagged in areas such as security AI and automation, zero trust and cloud security.”
Organizations with mature security postures and zero-trust architectures enjoy several other advantages, according to the report, including:
- Lower costs per data breach (a difference of almost $2 million) when zero-trust architectures are deployed
- Lower costs per data breach (a difference of almost $3 million) for highly compliant organizations
- An 80 percent cost difference when security AI and automation are fully deployed
- A cost savings of more than $1 million per breach for hybrid cloud environments (vs. fully public cloud systems)
The regions with the largest one-year cost increases were Latin America, South Africa, Australia, Canada, the UK, and France.
Supply chain attacks on the rise
ENISA, an Athens-based EU agency founded in 2004, says the pace and sophistication of supply chain attacks increased notably in 2020. Based on recent numbers – twenty-four supply chain attacks were discovered between January 2020 and July 2021 – and despite a recent U.S. Executive Order strengthening supply chain security, the group estimates 2021 will be four times worse.
A supply chain attack technically consists of two separate yet related attacks: One on a supplier, and the other on the supplier’s clients and their assets (in the case of the devastating SolarWinds hack, for example, SolarWinds was the supplier and affected clients included Microsoft and the U.S. Department of Homeland Security). Supply chain attacks include a range of specific techniques, including social engineering, malware, or software and configuration vulnerability exploits.
But supply chain attacks aren’t just rising in volume. They’re also increasing in sophistication. ENISA says half the attacks studied in its report were launched by advanced persistent threat (APT) actors with access to more resources than a typical hacker. APT groups are often state-sponsored hacking groups or even nation states themselves, and typically sustain their attacks over months or even years.
In its study of supply chain attacks from January 2020 to July 2021, ENISA also found that:
- 62% of the attacks studied took advantage of a customer’s trust in their supplier
- 62% of cases involved malware
- 66% targeted a supplier’s code
- 58% targeted access to data, including personally identifiable information (PII) and intellectual property (IP)
- 16% targeted access to people
ENISA says organizations must ensure supplier IT security is as tightly locked down as their own to be safe from supply chain attacks. “An organization could be vulnerable to a supply chain attack even when its own defences are quite good,” reads the report. “The attackers are trying to explore new potential highways to infiltrate them by moving to their suppliers and making a target out of them.”
But keeping close tabs on the security posture of a large enterprise’s many suppliers is nearly impossible via traditional technologies.
Tehama helps stop supply chain attacks and data breaches
Tehama’s Secure Digital Office Platform helps thwart supply chain attacks through a secure, compliant virtual work environment and zero-trust remote access to corporate and cloud networks.
Our next-generation desktop-as-a-service (DaaS) is the fastest, easiest, and most secure DaaS solution in the world. It secures your supply chain by connecting suppliers, contractors, and employees to cloud-based, secure virtual desktops within virtual Workrooms through a secure gateway. This gateway provides a secure perimeter around your entire work environment with no complex infrastructure or extra tooling, and a secure path to data for remote workers or suppliers anywhere in the world.
All virtual Workrooms and desktops come equipped with:
- A built-in zero-trust access model, including policy-based access controls, multi-factor authentication (MFA), and endpoint isolation
- Least privilege permissions for global workers and suppliers, granting access to only the systems and information they need
- The agility to deploy in minutes (and scale up or down just as quickly)
- A virtual desktop admin console for centralized management and provisioning, including desktop intelligence and automation for monitoring and optimizing all end-user devices
- Built-in compliance and auditing tools for SOC 2 Type II, NYDFS 23 NYCRR 500, NERC & CIP, FIPS, HIPAA, PIPEDA, and CyberSecure Canada
Tehama helps chief information security officers (CISOs) do their jobs more effectively in the age of large-scale remote work, bring-your-own-device (BYOD), and exponentially multiplying threats and related costs.
But IT security isn’t solely about technology – CISOs also need a bulletproof plan for scaling and securing the new hybrid workforce of in-office and remote employees. Download Tehama’s Ultimate CISO Guide to Scaling a Remote Workforce for a practical, ready-to-implement blueprint for enabling a hybrid workforce quickly and securely.
To see Tehama in action, contact us to book a demo.