Crisis Management: people make the difference

17 August 2020

Cyber risk is not abstract but a concrete and increasingly widespread risk, so much so that the World Economic Forum’s Global Risks Report 2020 included it among the top 10 global risks in terms of probability of occurrence and impact.

The CLUSIT 2020 report shows that serious cyber-attacks increased from 2018 to 2019 in sectors like “Multiple Targets” (+29.9%), “Online Services & Cloud” (+91.5%), “GDO/Retail” (+28.2%) and “Healthcare” (+17%). More generally, cyber-attacks have increased both quantitatively and in terms of severity.

In addition to the continuing growth in cyber crime – due to the activities of organised transnational criminal groups, industrial espionage, and civil or paramilitary state-sponsored groups targeting vulnerable corporate infrastructures – human error, natural disasters, epidemics and terrorist attacks add to cyber threat levels.

Not surprisingly, in recent months, Leonardo's Security Operation Centre has observed an increase in malicious Covid-19-themed campaigns, and in particular a greater number of ransomware-based attacks aimed at companies and entities in the health sector.

Cyber-attacks often lead to a crisis: an extraordinary event capable of compromising the target organisation's operations and reputation. In these scenarios – usually targeting outdated systems and applications, unidentified and unmanaged IT / OT vulnerabilities, and inadequately trained human resources – senior management must make critical decisions in a short time, often based on fragmented information. The risk is that haste, fear and disorientation could compromise the decision-making process, further aggravating the ongoing crisis. 

However, it is critical that decisions are based on agreed procedures and protocols, working with experts who will manage a potentially chaotic and hugely damaging situation in a calm, structured and effective way.

Leonardo offers its customers a holistic approach that involves managing all phases of the lifecycle of a crisis.

  • During the prevention phase, risks are identified in order to improve people's skills by preparing them for emergency management and raising the level of defence against cyber threats. In this phase, a Cyber Crisis Management Plan is drawn up, devising models to manage future crises in a systematic and organised way. The goal is to prevent critical events, mitigate their negative consequences and facilitate their resolution.
  • The response phase aims to promptly detect the malicious event and effectively put in place the consequent containment, eradication and restoration of systems for a controlled return to business as usual.
  • Finally, in the recovery phase, post-crisis investigation and assessment activities evaluate all the aspects managed during the response, from the technical ones to those relating to communication, in order to make the most of the experience gained during crisis management.

The proposed approach encourages a culture of widespread cyber awareness within the organisation, continuous training of operating personnel, and the use of monitoring and reaction tools to support the human element.

People make the difference!

For more information: cyberandsecurity@leonardo.com