Episode 22 - Cybersecurity Actuarially

Join us to explore practical theories around the business of risk and how to prioritize where you can have the largest impact. When you are faced with multiple attack vectors, how do you triage the situation and decide where to start? We're going to talk through some case studies and form a plan of action.

Notes

Trends by Industry - Red Canary Threat Detection Report

Our new industry analysis showcases how adversaries reliably leverage the same small set of 10-20 techniques against organizations, regardless of their sector or industry.

Inside the 2024 Threat Detection Report - Red Canary 

 

NetDiligence – Cyber Claims study – October 2023 

13th year 

9,000 cyber claims for incidents that occurred during the five-year period 2018–2022 

https://netdiligence.com/wp-content/uploads/2023/10/2023-NetDiligence-Cyber-Claims-Study_v1.1.pdf 

 

Stuart’s takeaways:  

  • Business email compromise (phishing) and ransomware are the only threats that matter until you can stop them 

  • ALL businesses have issues with these threats 

  • The bigger the company, the bigger the costs of payment and remediation 

 

Is Automatic Security possible for business email compromise/phishing and/or ransomware?

What does it look like? 

Let’s run it through the framework – Find, Stop, Prevent Future 

The Vision of Automatic Security 

Definition #1 – Business definition of “security that just works” 

 Systemic and continuous reduction of risk amidst a chaotic and dynamic environment. 

 

Definition #2 – Cybersecurity minimizes risk exposure by continuously: 

  • Finding bad 

  • Stopping bad 

  • Preventing future bad 

 

Definition #3 - Automatic Security is the continuous minimization of the overall risk exposure of your organization by automatically: 

  • Finding bad 

  • Stopping bad 

  • Preventing future bad 

Back to insurance – risk potential is the bad things that can happen: assets breaking – cars, homes, your body.

But in IT / cyber, bad things are happening ALL THE TIME – 24/7. Imagine driving down the road and, instead of every car not wanting to get into a crash, a significant portion of the other cars are actively trying to crash into you!!

 

So we can’t be passive here – we need to actively mitigate risk.  Or mitigate the potential bad. 

The challenge comes from the chaotic and dynamic nature of technology and organizational systems. 

 

3 things are required to achieve automatic security 

  1. Visibility & Correlation 

  2. Prioritization 

  3. Feedback loops 

Business Calculations 

TCO – Total cost of ownership (Insurance premiums) 

Expected Future Loss (forecasting) 

Realized Future Loss (reporting) 

 
