Cyber Risk

Digital Operational Resilience Act: Financial Institutions

Digital Operational Resilience Act: Financial Institutions The Digital Operational Resilience Act is a landmark piece of legislation designed to strengthen the cyber security and operational resilience of financial institutions within the European Union. As the financial sector continues to become increasingly digital, the need for robust defences against cyber threats has never been more critical. Digital Operational Resilience Act aims to address this need by establishing a comprehensive framework for managing digital risks and ensuring the stability of the financial system. In this article “Digital Operational Resilience Act: Financial Institutions”, we will delve into the key aspects of Digital Operational Resilience Act, explore the steps financial institutions can take to assess their existing frameworks and discuss strategies for implementing effective compliance and remediation measures. Understanding Digital Operational Resilience Act and Its Implications The Digital Operational Resilience Act (DORA) is a significant piece of legislation aimed at strengthening the resilience of

By |2024-11-22T15:59:34+00:00November 22nd, 2024|Blog|0 Comments
Read More

8 Surefire Shields Against Ransomware

8 Surefire Shields Against Ransomware In our increasingly digital world, data is the cornerstone of our lives. It stores everything from personal photos to financial records, and for organisations, it is the engine that keeps operations running. But with this dependence comes a growing threat: Ransomware. This malicious software acts like a digital kidnapper, encrypting your files and holding them hostage until a ransom is paid. Ransomware attacks can be devastating. By scrambling your data, they can grind organisations to a halt, leading to lost revenue and damaged reputations. For individuals, the impact can be just as severe, with cherished memories and important documents locked away. This can be a devastating blow to individuals and organisations alike, resulting in financial losses, operational disruptions, and reputational damage. Read our blog, “8 Surefire Shields Against Ransomware”, to help you keep your data safe. Understanding the Enemy: How Ransomware Operates Before diving into

By |2024-03-22T11:16:00+00:00March 22nd, 2024|Blog|0 Comments
Read More

Using Cyber Risk Ratings for DORA Compliance

Using Cyber Risk Ratings for DORA Compliance The number of cyber attacks across the world is on the rise, and the European Union is taking steps to strengthen the IT security of financial institutions such as banks, insurance companies and investment firms. DORA, the Digital Operational Resilience Act, will help ensure that the financial sector in Europe can maintain operations even in the event of a severe operational disruption. The Council presidency and the European Parliament have reached a provisional agreement on DORA, which is a positive step forward in protecting Europe's finances. Continue reading to learn more about using cyber risk ratings for DORA compliance. Introduction In today's digital world, it is essential for companies and organisations operating in the financial sector to have robust security measures in place for their network and information systems. The EU's DORA sets out uniform requirements for such security, as well as for

By |2023-03-30T17:09:14+00:00September 26th, 2022|Blog|Comments Off on Using Cyber Risk Ratings for DORA Compliance
Read More

Understanding Cyber Risk Exposure for Vendors in Russia & Ukraine

Understanding Cyber Risk Exposure for Vendors in Russia & Ukraine It was only 60 years ago when the world feared a global nuclear war. Fortunately, we made it through that period. But with geopolitical tensions at an all-time high, the risk of a devastating global cyber war is becoming more and more likely. This is why each of us needs to do our part to reduce cyber risk. Understanding cyber risk exposure for vendors in Russia and Ukraine should be a priority for all businesses with vendors in those countries. Recently, the United States (US)  and other countries imposed sanctions on Russia for its invasion of Ukraine. These sanctions have sparked a considerable amount of concern, especially surrounding the issue of cyber attacks on US organisations and those based in allied countries. These are uncertain times, but many experts predict that the attacks will be wide-ranging. They'll involve ransomware and

By |2023-03-30T17:09:15+00:00March 10th, 2022|Blog|Comments Off on Understanding Cyber Risk Exposure for Vendors in Russia & Ukraine
Read More

Will conflict in Ukraine raise the risk of cyber attacks in other countries?

  Will conflict in Ukraine raise the risk of cyber attacks in other countries? In a nutshell, the general consensus is, yes. Conflict in Ukraine will raise the risk of cyber attacks in other countries. If as is expected, the situation in Ukraine escalates to all out conflict, we can expect significant offensive cyber operations against Ukrainian government, utility and industrial targets and targets beyond Ukraine as well. Not NotPetya again? As we saw in 2017 with the NotPetya Ransomware campaign, which was aimed at Ukrainian companies via a popular local accounting software platform, that was widely attributed to Russian threat actors in the wake of the Crimean peninsula annexation, cyber attacks can spread in an uncontrolled manner, even when the threat actor is not specifically targeting a wider audience. NotPetya ended up seriously affecting the business operations of hundreds of companies around the world, including A.P. Møller-Mærsk (who

By |2023-03-30T17:09:15+00:00February 13th, 2022|Blog|Comments Off on Will conflict in Ukraine raise the risk of cyber attacks in other countries?
Read More

Data Privacy and the Future of Business

Data Privacy and the Future of Business 2021 was a watershed year in terms of business data use. And 2022 is likely to be another. Therefore, it is imperative that businesses put their best foot forward when it comes to data privacy.  Let's take a look at data privacy and the future of business. These few steps can help businesses make significant strides in developing better privacy habits. With the global big data market set to be worth nearly $235 billion by 2026, to say that data is now core to business success today would be a massive understatement. From tweaking shipping strategies to delivering more relevant advertising campaigns to customers, businesses are constantly looking for ways to make more data-driven decisions. But with this access to consumer data comes great responsibility. And unfortunately, in many consumers’ eyes companies are not doing all they can to make sure that their

By |2023-03-30T17:09:31+00:00February 10th, 2022|Blog|Comments Off on Data Privacy and the Future of Business
Read More

10 Tips for Detecting and Mitigating Phishing Attacks

10 Tips for Detecting and Mitigating Phishing Attacks Despite being a well known problem, phishing remains a significant issue for companies. Notwithstanding the increased sophistication of new malware and advanced persistent threats, phishing is still one of the most effective ways to breach networks, steal money and credentials, and exfiltrate data. Phishing can be the first stage in a sophisticated information-stealing attack. It's a tried and true method that cyber criminals have been using for years but are now adapting to their own needs. It remains pervasive because phishers get away with it so often. Read on for ways to detect and mitigate phishing attacks. There are many types of phishing attacks organisations must be wary of. The main outcomes of all phishing attempts are to steal credentials, instigate a ransomware attack, install malware or trick a person into making a payment for a fictitious service. “Phishing emails are one

By |2023-03-30T17:09:34+00:00May 11th, 2021|Blog|Comments Off on 10 Tips for Detecting and Mitigating Phishing Attacks
Read More

Ransomware: Facts, Risks, and Countermeasures

Ransomware: Facts, Risks, and Countermeasures Ransomware has been a major threat to cyber security in the past few years. The malware encrypts files, locking them and demanding a ransom to unlock them. These ransomware attacks have affected organisations, hospitals, schools, municipalities and enterprises. Ransomware is becoming more sophisticated and difficult to stop, with attackers increasingly encrypting data before demanding money to decrypt it. One thing is certain: ransomware attacks have many different appearances and come in all shapes and sizes. Continue reading to find out about the latest development in the fight against ransomware. Malware with a ransom note Ransomware is a type of malware that is used to encrypt files held on a computer in such a way that they can only be unencrypted by paying a ransom. Victims are told that they must pay the ransom, or risk to lose access to their files forever. Users are shown

By |2023-03-30T17:09:34+00:00May 4th, 2021|Blog|Comments Off on Ransomware: Facts, Risks, and Countermeasures
Read More

Cats, Dogs and Cyber Security

My wife is a cat person.  We have two fluff-ball Ragdoll cats, who are not allowed outside - mainly because we know that they have the capability to scale our garden wall, but probably not the ability to find their way home again! Recently, we adopted a rescue dog.  She is however, allowed into the garden; much to the chagrin of the cats.  This is because, to our knowledge, we do not believe that the dog has the capability of scaling our outer perimeter. In the information security world, we at Elasticito, spend a lot of time working with information security teams and senior management helping them to understand and manage cyber risks, threats and threat actor capabilities within the context of their businesses.  It seems to me, that the complex world of cyber security is actually not much more complex than the dynamics between cats, dogs and garden fences.

By |2023-03-30T17:09:34+00:00April 27th, 2021|Blog|Comments Off on Cats, Dogs and Cyber Security
Read More

The Ransomware Revolution

The Ransomware Revolution In recent years, we’ve seen a fundamental shift in how threat actors approach ransomware. Threat actors today are not as interested in taking credit for encrypting files and escaping with stolen funds or valuable data. They’re more focused on destroying backups and exfiltrating data before they can be recovered. According to Forbes, this significant alteration has increased the scope of cyber attacks, raising ransom payments much higher than prior averages. Forbes emphasises that average ransomware payments have steadily risen over the past five years, from less than $300 in 2015 to $6,700 in 2018 to $111,000 in 2020. Continue reading to find out more about the ransomware revolution. The State of Ransomware in 2021 Ransomware was the most common cyber threat to organisations in 2020. It is especially prevalent among finance, e-commerce, and healthcare companies. In addition to the costs of security incidents, ransomware also has a negative impact on victim companies'

By |2023-03-30T17:09:34+00:00April 20th, 2021|Blog|Comments Off on The Ransomware Revolution
Read More