The demands of cybersecurity and cyber resilience are expanding at a clipping pace as attackers adapt to new defenses. To help navigate the shifting terrain, Marsh & McLennan released its “MMC Cyber Handbook 2018: Perspectives on the Next Wave of Cyber,” which presents a global perspective on cyberthreats.

According to the report, we have reached an inflection point regarding our global ability to address cybersecurity risks for three main reasons:

  1. Cyberattacks, malware and business disruptions are growing more and more sophisticated, which made 2017 a banner year for security incidents.

  2. We are increasingly dependent on technology and connected devices, which has raised the profile of cybersecurity and resilience in most organizations — not to mention security budgets.

  3. Governments, regulators, law enforcement and auditors are just beginning to effectively coordinate cyber risk strategies and share intelligence about the evolving and increasingly interconnected nature of the threat landscape.

Key Takeaways From the Report

The “MMC Cyber Handbook” is not your typical security report. It juxtaposes security statistics with short articles on topics such as the General Data Protection Regulation (GDPR), the many high-profile ransomware (such as WannaCry and NotPetya) and distributed denial-of-service (DDoS) attacks (such as the Mirai botnet) that befell organizations in 2017, and the need for improved cybersecurity across regions, sectors and even departments.

A few statistics stand out for their relevance to everyday internet users:

  • The average number of identities exposed per breach reached 927,000 in 2016, compared to 466,000 in 2015 and 805,000 in 2014. 2016 was also the first year to see 15 breaches with more than 10 million identities exposed — up from 13 in 2015 and 11 in 2014.

  • The number of ransomware families hit 101 in 2016, more than three times the number of families observed in each of 2014 and 2015. In 2016, the average ransomware amount was over $1,000, about three times as much as the previous year.

  • In 2016, the average number of cloud apps used per organization reached a staggering 928 apps, up from 841 the year before.

  • The energy, healthcare and retail sectors saw the highest numbers of cyberattacks in the past year, with reported attacks from 26, 25 and 25 percent of companies, respectively. Manufacturing came in fourth with 22 percent. Organizations in the power and utilities sector also found themselves in attackers’ sights, with 14 percent reporting cyberattacks.

  • In terms of managing, responding to and recovering from a cyber incident, only 19 percent of respondents said they were highly confident, 62 percent said they felt fairly confident and 14 percent said they were not at all confident. Meanwhile, 6 percent reported that they didn’t know.

Why Experts Are Forecasting a Cyber Hurricane

In case anyone still doubted the increasingly systemic nature of cyber risks, the report noted that conditions have evolved beyond data breach fatigue into what U.S. military officials dubbed “a potential ‘Cyber Pearl Harbor'” and one report author described as “early versions of cyber hurricanes.” This digital perfect storm is due to our increased dependence on technology, combined with the high number of vulnerabilities and continuing growth and specialization of the cybercrime market.

As the high-profile incidents of 2017 and 2018 have shown, a cyber incident can quickly spread beyond its initial vector of entry and wreak havoc with both IT and operational technology, seriously impacting an organization’s business activity. The report noted that this is especially concerning for manufacturing and logistics organizations, which are particularly susceptible to cyber risks due to the nature of their businesses — with little slack, lots of outsourced parts and dependence on just-in-time inventories.

How the Financial Sector Is Leading by Example

While the financial sector is often a leader in terms of improving cybersecurity, the report noted that the margin for error is getting smaller due to recent regulatory changes, including those from the New York Department of Financial Services (NYDFS) and the Office of the Comptroller of the Currency (OCC), as well as the 2017 updates to both the Federal Financial Institutions Examination Council (FFIEC)’s “Information Security Handbook” and its Cybersecurity Assessment Tool.

In its spring 2018 “Semiannual Risk Perspective” report, the OCC urged the banking sector to be aware of the evolving nature of cyberthreats and warned of bad actors that seek to exploit personnel, processes and technology.

“Failure to maintain proper cybersecurity controls can lead to material negative effects on banks, consumers, and national and economic security,” the report noted. The authors went on to advise banks to “have a well-established and tested response plan in case a cyber incident occurs.”

The OCC clearly stated its intention to pay close attention to cybersecurity and resilience in its “Fiscal Year 2018 Bank Supervision Operating Plan,” noting that examiners would “review banks’ programs to determine to what extent they assess the evolving cyber threat environment and banks’ cyber resilience.” Coupled with GDPR and similar regulatory guidelines, the Cyber Handbook’s advice regarding broader coordination will come in handy to help security professionals consolidate data protection policies across sectors.

How Can Companies Across All Sectors Improve Cyber Resilience?

In the handbook’s mini-article, “Limiting Cyberattacks With a System Wide Safe Mode,” author Claus Herbolzheimer advised organizations to consider moving toward decentralized cybersecurity architectures that can automatically disconnect from an infected system or network to prevent further attacks or disruptions. The goal of such a mechanism is to reduce harm without completely shutting down and maintain a minimum level of healthy activity that can be sustained without further damage or compromise.

All in all, the “MMC Cyber Handbook” covers a lot of new ground, especially in terms of its global perspective on the evolving threat landscape. The bottom line is that as attackers grow increasingly sophisticated and their tactics more advanced, defenders will need to innovate and share intelligence on a global scale and across industries to keep their systems, data and personnel safe.

Never miss a new episode of the Security Intelligence podcast! Subscribe now on Soundcloud

More from Risk Management

What does resilience in the cyber world look like in 2025 and beyond?

6 min read -  Back in 2021, we ran a series called “A Journey in Organizational Resilience.” These issues of this series remain applicable today and, in many cases, are more important than ever, given the rapid changes of the last few years. But the term "resilience" can be difficult to define, and when we define it, we may limit its scope, missing the big picture.In the age of generative artificial intelligence (gen AI), the prevalence of breach data from infostealers and the near-constant…

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today