Moody’s goes into detail as to why this is the case but in our opinion – these issues are perhaps the biggest reasons why things will get much worse.
Every breach inherently makes us all less secure. The reason is phishing is becoming spear- phishing, by definition. Spear phishing is basically targeted phishing.
Marketing Automation (MA) is now easily accessible and understandable. If you are a customer of health food/vitamin retailer GNC, they could use MA to send you relevant emails about products you may be interested in. Perhaps those targeted at weight loss or building muscle.
Hackers now use MA and they can use all your known preferences to target you.
This means they have access to cutting-edge tools to attack us with. In order to fuel the MA systems, they need data. Every breach provides more data on us. Whether it is a favorite baseball team or anything else.
In other words… (Let’s call this Tehrani’s LAW on Hacker Success Rates).
Cybersecurity risk is scaling like MOORE’S LAW. This is very scary. MA systems are leveraging AI and big data techniques to serve up relevant content. Applied to spear-phishing and malicious messages, we have a recipe for exponetial growth in malicious attack success rates!Rich Tehrani
From there – we sadly go further downhill:
Here are Moody’s notes and the full report:
Cyber risks are rising, with potential credit implications for an array of sectors. Growing use of digital technologies in business operations and cyberattack sophistication pose increased business disruption risk and put more sensitive data at risk of disclosure.
Ransomware attacks will become more targeted. Ransomware attacks will continue their evolution from diffuse, opportunistic attacks to targeted attacks that increasingly involve theft and public disclosure of data.
Cloud misconfigurations will result in more data breaches. More organizations will adopt cloud services for scale and efficiency, but human error in setting up these services will continue to lead to data breaches.
Data privacy regulations will lead to higher and more frequent fines. Although fines alone have not yet threatened companies’ credit quality, the upward trend in fine amounts points to a need for robust liquidity reserves or other alternate sources of liquidity to absorb any adverse penalties in 2020.
Political and geopolitical cybersecurity concerns pose growing risks. Government-sponsored cyberattacks against adversaries will continue, while fears of cyber-meddling in the 2020 US presidential election persist.
Cyber insurance litigation will spread. Confusion about cyber insurance policies and what they cover will lead to increased litigation.
Companies will work to better protect operational technology (OT) networks. The exposure associated with cyber risks and industrial processes will become a bigger priority for managers of organizations.
Join others with $8.5B+ in IT buying power who plan 2020 budgets! Including 3,000+ resellers!
Feb 11-14, 2020, Fort Lauderdale, FL. Register now.