Between the Microsoft Exchange Attacks in March 2021, the Colonial Pipeline Attack in May 2021 and the Kaseya Supply Chain Attack last month, it seems this is the year that has firmly cemented that any and every business is vulnerable to cyber security threats. Taking for example the Microsoft hack, Darren Thomson (pictured) head of cyber security strategy at CyberCube, noted that the threat actors didn’t go after Microsoft for its data but rather to steal the data of its customers.
“They’re going after the smaller people but they’re doing it through the bigger people,” he said. “Largely small to medium-sized businesses are the target. It was similar with the Kaseya attack. So it’s a really interesting and important observation to make – that we must do everything we can to discourage people from thinking that if you’re small, you’re out of sight, because that absolutely isn’t the case.”
The fact that cyber risk is so extensive is why cyber insurance exists, noted Thomson – because not all cyber risk can be mitigated, and thus solutions need to be in place to protect people and businesses when the worst-case scenario occurs.
For his team, it’s instrumental to create and maintain a strong knowledge base that’s easily accessible to every stakeholder in the cyber risk equation. Whether that’s through in-depth reports, consistent briefings or forming industry partnerships, CyberCube has earmarked the requirement for timely, up-to-date and continual analysis of the key trends sweeping this ever-changing sector.
A clear example is the firm’s Broker Manager application which was crafted to help brokers quantify, understand and explain to their clients the sources and potential impact of cyber risk exposures.
“We launched that product just over a year ago now, and it has been embraced in a way we would never have imagined, and I think the [cyber] broking space is really exciting right now,” he said. “So, fundamentally what Broker Manager does is make a broker look great in front of their clients. It helps them to have intelligent, informed conversations about exposure and risk, and cyber trends and ransomware, while, at the same time, it’s feeding them analytics that can be used to help price a policy.”
What the firm has seen is not just that the tool itself has been in high demand but also that it is sparking a desire within brokers to expand their expertise and understanding. CyberCube has a fledgling consultancy business that started earlier this year, he said, and it has found that it is brokers who are keeping that busy. Unsurprisingly, a lot of brokers do not come from the cyber world and so they need that in-depth understanding that can only be granted through reports and threat briefings and a constant drip-feed of relevant information.
There’s a skills gap generally in security, in the macro-environment and there’s certainly one in the cyber security space, Thomson said. He highlighted that in a previous role, running a team of around 250 people at Symantec, one of the biggest problems he faced was that of retention and recruitment. And that was at one of the largest security vendors in the world, so if they were facing a talent crush then it is essentially unfeasible that a smaller broker would be able to get their hands on the best cyber talent.
“That’s where we think we can really help because there are about 125 people in the company now and we’re scaling up pretty quickly,” he said, “And at least a third of those are what I would term cyber experts.”
It’s through the experience of this team that CyberCube is able to hold its briefing on the current cyber threat landscape twice a year. Thomson highlighted that this composes a global threat landscape briefing, which summarises the previous 12 months and predicts future patterns, and then a mid-year update on what the group has seen and what updates need to be made to those trends and predictions.
Given the rapidly evolving nature of the sector, such services are more essential now than ever and, through providing them, Thomson and his team have been able to generate an overview of where the space is headed.
“The vendors in the security world are deploying really advanced AI techniques to combat this problem,” he said. “So I do expect the problem to continue and evolve, but over the next five years, I don’t expect it will be the sort of bloodbath we’ve seen in the previous two years. We at CyberCube are on a mission [to keep this progress going] and there’s still a lot to do.”