How to prevent and prepare for a cyber catastrophe


Ransomware and data leaks are inconvenient and costly. But what about a cyber incident that leads to mass casualties? 


The notion of “black swan” events — incidents that are so rare and unusual they cannot be predicted — is a “fallacy”, Sarah Armstrong-Smith, Chief Security Advisor at Microsoft, said during her talk at UK Cyber Week 2023. Increasingly, experts are warning about the growing possibility (or inevitability) of an infrastructure cyberattack that leads to loss of life. How can organizations prevent and/or prepare for this kind of event?


The threat of cyber catastrophe


According to the World Bank’s Global Cybersecurity Outlook 2023, 93% of cybersecurity leaders and 86% of business leaders think a far-reaching, catastrophic cyber event is at least somewhat likely in the next two years. Additionally, 43% of organizational leaders think it is likely that a cyberattack will affect their organization severely in the next two years.


In addition to her work at Microsoft, Armstrong-Smith collaborates with the UK’s Ministry of Defence (MoD). During her talk, she said many agree that it’s only a matter of time before a cyberattack against critical infrastructure causes an event that leads to “multiple fatalities”. She advises security teams to seize the opportunities that past failures offer to improve incident response approaches.


The reasoning behind her conclusion is that attackers are increasingly infiltrating operational networks, which has the potential to cause far more destruction than breaching IT networks. “The capability is already there; it’s just a matter of time,” said Armstrong-Smith.
