Homepage

Portfolio

Services

Gallery

About

Clients

Testimonials

Blog

Contact

Terms and conditions

Privacy Policy

Changelog
Karuso portfolio Webflow template

Template's Overview

Email us

Call us

powered by weflow

Made by metrik

Cyber Security

Cyber security concerns 2022:

 

The cyber security landscape is rapidly evolving, and business leaders must adapt to manage these changes effectively. With 2022 upon us, Gurpreet Thathy, Valkyrie’s director of Cyber Security and Electronic Counter Measures, provides his thoughts on the critical areas of concern for the year ahead.

 

Cyber Insurance:

Throughout 2019/20, most organisations could obtain cyber insurance with relative ease and at a reasonable price, as the insurance market saw intense competition for customers. As cyber incidents have increased and insurers have experienced losses, this dynamic has changed. Insurance firms are not as willing to underwrite the risks associated with cyber security as they once were – and so we can expect premiums to increase as the cyber insurance market continues to harden throughout 2022.

 

Alongside higher insurance premiums, we anticipate that the increasing frequency of cyber-attacks may result in insurance firms turning to co-insurance models, where the insured and insurer agree to share claims costs. In these cases, some insurers may decide only to cover those costs required to recover from a cyber incident but may not reimburse insureds for ransom payments. Cyber preparedness and prevention will become ever more critical in 2022 as organisations are forced to take more responsibility for their security.

 

Supply chain attack:

Organisations are increasingly reliant on third-party managed service providers (MSPs) to service their IT requirements. Ransomware is a volume business and, for cybercriminals looking to exert maximal impact with minimal effort, breaching a third-party organisation represents an opportunity to impact the hundreds or even thousands of that victim’s clients – and their client’s clients – all at once.

 

Organisations that are best-prepared for a supply chain attack will be those that operate on the basis that, regrettably, the risk of breaches through third-party vulnerabilities can never be satisfactorily mitigated – and who, therefore, have robust incident response plans in place to respond when they do occur. However, just having incident response plans in place is not enough, and organisations should rehearse these plans regularly to ensure they know how to deal with any crisis when it occurs.

 

Remote working:

At least in the short term, we are unlikely to see a return to office working – companies are expecting 50% of their workforces to continue to work from home (WFH) for the next 12 months.

While this shift to hybrid working solutions has triggered most companies to change their cyber incident response plans, either in part or entirely, hybrid working remains a crucial concern for cyber decision-makers.

 

The Covid-19 pandemic normalised WFH and saw companies and individuals investing in home office equipment and upgraded broadband. While this has been good news for meeting platforms and delivery companies, it has also been great news for criminals, as organisations’ attack potential has extended beyond the office’s confines into many poorly-secured home networks, each supporting dozens of devices bringing their vulnerabilities.

 

Over 2022, we will likely start to see new technologies and security solutions that assist companies in managing remote working security issues without invading employees’ privacy at home.

 

Cyber security budgets/investment:

Cyber budgets have declined when the cost of cybercrime and the frequency of attacks are increasing. Approximately half of the organisations either halted or decreased their spending on cyber security during the pandemic. Following this lack of growth in cyber budgets, IT leaders are now planning to increase budgets (Cyber) for this year by approximately 8-10%. However, with inflation running high, it remains to be seen whether this slight increase will be enough to make up for ground already lost.

 

In addition, many businesses struggle to deploy cyber security investments in the correct places. A better understanding of how to prioritise areas for cyber investment is required and, with cyberattacks becoming more frequent and sophisticated, business leaders need to commit to strategic investment. This is the best way to reliably reduce cyber risk and minimise the financial and reputational damage caused by incidents.

 

The ongoing threat of ransomware attack:

According to the UK National Cyber Security Centre, there were three times as many ransomware attacks in the first quarter of 2021 as in the whole of 2019. Once again, we can largely blame this on the pandemic, and the growth in the amount of activity carried out online and in digital environments. Ransomware typically involves infecting devices (such as laptops or mobile phones) with a virus that locks files away behind unbreakable cryptography and threatens to destroy them unless a ransom is paid – usually in the form of untraceable cryptocurrency. Alternatively, the software virus may threaten to publish the data publicly, leaving the organisation or individual liable to enormous fines.

 

Ransomware is typically deployed through phishing attacks – where employees of an organisation are tricked into providing details or clicking a link that downloads the ransomware software (sometimes called malware) onto a computer.

 

One result of the higher volume of ransomware attacks and their increased impact over the past year is that the US government and law enforcement agencies have become more active in combatting international ransomware groups. In addition to several offensive cyber operations in 2021 targeting known criminal groups, lawmakers around the globe are beginning to grapple with how best to regulate the issue.

 

One such proposal gathering momentum in the US is a legislative ban on paying ransoms to criminals. It is hoped that this will limit revenue for ransomware gangs and reduce their capabilities and threat. It is also anticipated that more cyber insurance firms will remove coverage of ransom payments from their policies in 2022. This should halt ransomware groups from making payment demands and help the cyber insurance market reduce losses experienced in this area in recent years.

 

Currently, education is the most effective method of tackling this threat, with research showing that employees who are aware of the dangers of this type of attack are eight times less likely to fall, victim.

 

The industrial and economic espionage threat continues to grow and evolve:

Industrial and economic espionage levels have been on the rise in recent years with the advent of cheap, readily available equipment (known as ‘bugs’) that can easily be purchased online. With the Covid-19 pandemic hitting organisations and businesses, the temptation for gaining an advantage over competitors has seen the rise in corporate espionage and insider threats. The quest for illicit intelligence is a never-ending threat, whether from criminals trying to obtain information for financial gain or sophisticated, state-sponsored adversaries looking to gain political and military advantage.

 

Devices such as electronic bugs, listening devices, hidden cameras, mobile phone interception, Bluetooth interception, laser microphones, burst transmitters and other similar eavesdropping devices are all readily available over the Internet to anyone with a credit card. As a result, there is now a more significant threat present than ever before – especially for businesses. The risk for companies is that their sensitive information, such as proprietary product specifications or formulas, business plans, and client data, can all be exploited.

 

Typically, industrial spies seek any data they can exploit, whether to sell it to third parties or use it to gain a competitive advantage. The security of your building, your information, private conversations, plans and secrets can all be compromised by surveillance devices, from small, inexpensive GSM/UMTS bugs to bespoke devices created by state actors. With many companies continuing to employ a work from home policy, it has left the few employees and other staff working onsite unsupervised, often over long periods. This has created the perfect opportunity for adversaries to breach security.

 

We believe raising awareness about these threats is key in protecting yourself from security incidents. If in doubt, please give us a call to discuss the threats and how we can mitigate these risks and lower the risk of a security/data breach. security@valkyrie.co.uk | +44 (0) 2074 999 323

Valkyrie Updates

News

Stay informed with the latest insights, expertise and innovations in the world of security with Valkyrie’s news, reports and white papers

July 26, 2024

Action Needed to Combat Online Exploitation

The alarming rise in online child grooming crimes has reached a record high, highlighting an urgent need to protect children online. Valkyrie’s Director of Cyber and Electronic Countermeasures, Gurpreet Thathy, has been working in this field since 2008 and was involved in Operation Notarise in 2014, investigating and tackling organised grooming gangs. Even back then, […]
July 18, 2024

Exciting News: Quantum Group Acquires Forensic Control!

Quantum Group, the Parent Company of Valkyrie, is thrilled to announce the acquisition of Forensic Control. Forensic Control, a leading specialist in cyber security and digital forensics, is renowned for making the complex world of cyber security clear and manageable. This strategic acquisition not only strengthens our existing service portfolio but also expands our capabilities […]
July 12, 2024

Total Protection

Valkyrie’s Director of Cyber Security and Electronic Countermeasures, Gurpreet Thathy, has been engaged in a variety of tasks over the past few weeks. These include training sessions in Scotland, cyber assessments in Devon, and TSCM and forensic work in London and Birmingham. However, yesterday, Gurpreet joined our esteemed colleague, Neal Gozzett of Monan Gozzett LLP, […]
July 05, 2024

Safeguarding Personal Information Post-Incident

With the increasing integration of technology into our daily lives, personal security breaches have become alarmingly common. Where it was once standard to have separate devices for personal and work use, it is now the norm to rely on a single device for everything. This convenience is offset by the potentially devastating consequences of a […]
June 21, 2024

Wi-Fi Jammers and Unauthorised Surveillance

Criminals are increasingly using sophisticated technology to target victims. Staying aware of these trends is essential to ensuring your security, that of your family, and that of your property. A particularly concerning development involves using Wi-Fi jammers to deactivate home security systems and mobile phones. These devices block the radio signals used for communication, posing […]

RF Jammers
June 14, 2024

Valkyrie update

Over the past few weeks, the Valkyrie team has tackled a variety of challenging and unique projects that required our full range of investigative and security expertise. One recent highlight was a comprehensive surveillance training program. The team relocated from London for three weeks to deliver intensive training on covert surveillance techniques, covering theoretical, practical, […]

Email us

security@valkyrie.co.uk

(Response within 24 hours)

Call us

+44 (0)20 7499 9323

(24/7 - 365 days a year)

Visit us

15 Belgrave Square, London
SW1X 8PS, UK

(0900 to 1700 Monday - Friday)

© 2024
|

Made by