Light Upon CYber insurance / © Amrae - 17 - The Lucy study shows a particularly sharp drop in claims for large and Mid-cap companies. Has the cyber threat decreased? The 8th edition of the Cesin Barometer1 shows a steady decline in the number of companies that have experienced at least one significant attack: from 71% in 2020, it has dropped to 54% in 2021 and 45% in 2022. But that doesn’t mean the threat is decreasing. In fact, it is defense that is improving: many attacks are blocked or contained before they produce significant damage, and that is what the barometer seeks to measure. Companies have invested to strengthen their capabilities: they have an average of 14.9 security solutions, the core of which is very often (in 81% of cases) the combination of EDR (Endpoint Detection Response) and MFA (multi-factor authentication). Are SMEs in the same boat? No. Unfortunately, these companies are still in trouble. The investments required to secure an information system cannot be strictly proportional to the size of a company. There is a minimum threshold of defenses below which it is risky to go. It is necessary, for example, to have a minimum of cyber resources with a professional in charge of the subject. Which elements seem to you the most threatening in the short and medium term? We need to be alert to so-called “supply chain” cyberattacks, such as Solarwinds in 2020 or C3X recently. This voice over IP telephony solution is installed on a few hundred thousand workstations worldwide. At the beginning of 2023, C3X realized that its latest version had been compromised by malware, which, through a rebound effect, infected a large number of customers. The risk is that this software will be considered legitimate by enterprise customers: if a EDR alerts on suspicious behavior, it may fall under the radar because the enterprise will think it is a false positive, not questioning the integrity of a widely distributed software. On the corporate side, it is difficult to detect and counter these attacks. Because of their multiplier effect on all customers of a product, they can cause significant damage. It is to be hoped that they do not increase significantly. More than the war in Ukraine? This war has produced many cyber events, but rather regional, without any real international escalation. But a resumption of attacks cannot be excluded. The conflict is still there and both sides have developed very sophisticated cyber skills. “The number of attacks does not seem to have decreased, but it is likely that the defenders have made progress!” MYLÈNE JAROSSAY CISO of LVMH Group and President of Cesin (Club of Information and Digital Security Experts) INTERVIEW 1. https://www.cesin.fr/articles-slug/?slug=8ème édition of the CESIN annual barometer
RkJQdWJsaXNoZXIy MTkzNjg=