Security News for the Week Ending June 25, 2021
Paying Ransom is Tax Deductible
Under current IRS regulations, paying cyber ransom after a hack is deductible, just like losses from a robbery, but the IRS is “looking into it”. One way the government could discourage ransom payments is if the cost is borne fully by the company’s owners. They still might choose to do it, but at least the taxpayers would not be subsidizing it. Of course, if your insurance pays for or reimburses you for the ransom, then that ransom is not deductible. Credit: AP
How Much Does YOUR Board Know About Cybersecurity Issues
As I reported last week, the SEC fined First American Financial a half million dollars for the data leak they had. The fine was based on the fact that an internal security team discovered the problem several months before it was reported to the SEC, and no one bothered to tell FirstAm executives about the issue. The moral of the story is that the SEC is “suggesting” that you keep your business leaders informed about cybersecurity issues. If the SEC does that, assume that your insurance provider will follow suit soon and deny coverage if your executives are not kept in the loop. Credit: Reuters
How Long Does It Take to Fix Critical Vulnerabilities
According to White Hat Security, the average time to fix a CRITICAL vulnerability in May 2021 was 205 days, up from 201 days in April. The water utility sector was the least prepared: 66% of all applications used by the sector had at least one exploitable vulnerability open throughout the year. Even in finance, 40% of the applications had a window of exposure (WoE) of 365 days, but 30% had a WoE of fewer than 30 days. Given stats like these, it is not surprising that the hackers are winning. Credit: ZDNet
Cyber Breach Insurance Market Set for a Reckoning
Cyber insurance claims spiked this year. Standalone claim payouts jumped from $145,000 in 2019 to $358,000 in 2020. A key metric the industry uses is something called direct loss plus defense and cost containment ratio. It skyrocketed last year to 73% from 42% the previous five years. At 73%, when you add in other costs, that means the industry is probably losing money. This means that premiums will go up, coverage will go down and limits and sublimits will be changing. If you have cyber risk insurance, prepare for changes. Credit: The Record
How Long Does it Take a Misconfigured Container to be Attacked?
Containers are great, but they are not bulletproof. Aqua Security says that based on data they have collected over 6 months, 50% of Docker APIs are attacked by botnets within 56 minutes of being set up.
It takes five hours on average for a new honeypot container to get scanned. The fastest happened in a few minutes. The longest was 24 hours. None of these numbers are very long.
What this means is that you need to up your game when it comes to securing your cloud-based systems. If you can, set them up in a contained environment (one that is not publicly accessible) and harden them before exposing them. Credit: SC Magazine
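One concrete hardening check for the Docker API exposure Aqua describes, as an added example that is not from the article or from Aqua Security: a small Python audit of a Docker daemon.json that flags an Engine API listening on TCP without client-certificate authentication (tlsverify). The two sample configurations are constructed for illustration.

```python
import json
from ipaddress import ip_address
from typing import List
from urllib.parse import urlparse

# Docker "hosts" entries: unix:// and fd:// stay on the box; tcp:// opens the
# Engine API on the network. Without tlsverify, anyone who can reach that port
# gets root-equivalent control of the host, which is what the botnets scan for.
LOCAL_SCHEMES = {"unix", "fd", "npipe"}
WILDCARDS = {"", "0.0.0.0", "::"}

def _is_public(host: str) -> bool:
    """True if the bind address could be reachable from outside the host or LAN."""
    if host in WILDCARDS:
        return True
    try:
        addr = ip_address(host)
    except ValueError:
        return True  # a DNS name: treat as reachable until proven otherwise
    return not (addr.is_loopback or addr.is_private or addr.is_link_local)

def audit_daemon_config(config_text: str) -> List[str]:
    """Return a list of findings for one daemon.json document (empty = clean)."""
    cfg = json.loads(config_text)
    tls_auth = bool(cfg.get("tlsverify", False))
    findings = []
    for entry in cfg.get("hosts", []):
        url = urlparse(entry)
        if url.scheme in LOCAL_SCHEMES:
            continue
        if url.scheme != "tcp":
            findings.append(f"WARN unknown host scheme: {entry}")
            continue
        host = url.hostname or ""
        if not tls_auth:
            sev = "CRIT" if _is_public(host) else "HIGH"
            findings.append(f"{sev} unauthenticated Engine API on {entry} (no tlsverify)")
        elif host in WILDCARDS:
            findings.append(f"INFO TLS-authenticated API on all interfaces ({entry}); restrict with a firewall")
    return findings

# Constructed sample configs: the weak one mirrors the "exposed in minutes" case,
# the hardened one binds to a private address and requires client certificates.
WEAK = '{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}'
HARDENED = ('{"hosts": ["unix:///var/run/docker.sock", "tcp://10.0.0.5:2376"], '
            '"tlsverify": true, "tlscacert": "/etc/docker/ca.pem", '
            '"tlscert": "/etc/docker/server-cert.pem", "tlskey": "/etc/docker/server-key.pem"}')

if __name__ == "__main__":
    for name, text in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_daemon_config(text) or ["clean"])
```

Run it against /etc/docker/daemon.json on each host before it is exposed; an empty result means no TCP listener is reachable without client-certificate authentication, not that the host is otherwise hardened.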