CyberCube has recently published its Global Threat Briefing for H1. I'm Yvette Essen, Head of Content, Communications, and Creative for CyberCube, and joining me to talk about that report is the author, William Altman. He is the Cyber Threat Intelligence Principal for CyberCube.
Yvette Essen:
"William, can you tell me a little bit about this report? First of all, what exactly is the Global Threat Briefing?"
William Altman:
"Yeah, absolutely. The Global Threat Briefing is part of CyberCube Concierge, our threat intelligence service at CyberCube, specifically built for the insurance and reinsurance industries. You know, we recognize that folks can go out there and get traditional threat intel from big threat intel partners. It's valuable information, but it's often not purpose-built for the types of questions that insurers are facing when it comes to cyber risk. CyberCube is wholly dedicated to cyber insurance, which means our threat intel program is purpose-built to answer the types of questions that matter most to insurance companies. We even do some really unique analysis with CyberCube's data, asking questions like, 'Is the U.S. market getting more or less secure over time?' That's really what you can expect from CyberCube's Global Threat Report."
Yvette Essen:
"I mean, there is a lot in this report. It covers different sectors, some of which you've touched upon. Here, I’m looking at a good 12 pages of different topics and discussions. But perhaps you can highlight a few of those?"
William Altman:
"Yeah, of course. We start the report by highlighting a high-risk sector today—healthcare. We know the healthcare industry is under attack, and we specifically called this out in January, noting that there is aggregation risk around single points of failure technologies in the U.S. healthcare system. Recently, we've all experienced this with the Change Healthcare breach and outage, which proved that theory correct. We're advising clients to look closely at healthcare in their books of business for aggregation risk and to use our Single Point of Failure (SPOF) Intelligence tool to do so.
We cover this in the report and talk about past attacks and lessons learned against healthcare. But we also highlight another important sector: the public sector. We specifically examined the public sector and state and local governments in the U.S. for their susceptibility to cyberattacks. We did this because it's an election year—not only in the U.S. but also in many other parts of the world. Half the world’s population will participate in an election this year. These networks receive a lot of attention during this time of year from an espionage and destruction standpoint, so it’s something we’re continuing to track throughout the year and advising clients on."
Yvette Essen:
"I’d like to find out a little more about two of those things you’ve mentioned. Let’s start with the election year in the U.S., and we’ve also touched on a lot of electoral activity in Europe. Can you tell me, what does this report say about elections?"
William Altman:
"Yeah, absolutely. We specifically look at exposure and security—two different measurements of cyber risk that CyberCube has perfected quantifying. We look at inherent exposure in sectors like the public sector and healthcare. Both of these are highly exposed industries, with lots of sensitive data, making them very attractive to threat actors. This is evidenced in ransomware reports and data showing that the public sector is under attack.
We also measure security in the face of that inherent exposure. We want to understand how well an entity in these industries is satisfying the core elements of the NIST cybersecurity framework and others. If we can do that, we can start to understand security at the company and industry levels. When you look at healthcare, for example, both exposure and security are average. They’re not the worst we’ve seen, but they certainly are not secure enough in the face of their inherent exposure for underwriters to approach these industries like they might have a couple of years ago. Things are different now.
The public sector, specifically, is undersecured relative to the threats it faces. State and local governments, along with their election infrastructure, are targets for nation-state threat actors—the 1% most advanced threat actors on the planet. These governments don’t just need basic security; they need nation-state-level security to secure our elections. It’s going to require tremendous partnerships between the public and private sectors, between state and local governments, and with election infrastructure vendors to truly secure our elections this time around. That’s what CyberCube is looking at and tracking in relation to both of those industries."
Yvette Essen:
"You’ve mentioned the public sector and healthcare sectors. This report also identifies which companies and sectors we believe could be vulnerable and prone to attacks, depending on how secure they are. Tell me a little bit about that."
William Altman:
"Sure. CyberCube can put our exposure and security scores together, and by doing so on a matrix or an XY axis, we can start to see where companies or industries fall—whether they are low exposure/low security, high exposure/high security, or, in the highest-risk category, high exposure/low security. Today, CyberCube tracks eight sectors that we determine to be at the highest risk. These include telecommunications, arts and entertainment, finance, and healthcare. These industries are highly exposed and undersecured relative to that exposure.
We work with underwriters as part of our threat intelligence program to teach them how to address the risks in these industries specifically, and how to achieve their underwriting goals with more due diligence and care when it comes to cyber risk. They can use our products, analytics, data, and all of our services to do that."
Yvette Essen:
"Great. Thank you, William. A copy of the Global Threat Briefing H1 report can be found on our website at www.cybcube.com."
For CyberCube, I’m Yvette Essen.