Cyber security 190108
Those at the brunt of cyberattacks may soon find paying off ransomware is no protection. Image Credit: Pixabay

Digital transformation is at the heart of UAE’s national strategy, promoting the role of technology in reimagining society, enabling human progress, and transforming into a knowledge-based economy. In fact, the country was ranked 10th in the World Digital Competitiveness Ranking 2021, which measures the capacity and readiness of 64 economies to adopt and explore digital technologies as a key driver for economic transformation in business, government, and wider society.

However, cyber security has become inseparable from digital transformation and ICT modernization. Cyberattacks - where fraudsters digitally lock the critical IT systems of companies and government in order to pressure them to pray a ransom – have become a daily occurrence. According to the Head of Cyber Security in the UAE Government, cyberattacks in the UAE increased by 400 per cent after the coronavirus outbreak, resulting in losses that amounted to nearly $700 million within six months.

So, is taking out cyber insurance the answer? The ability to pay ransom to regain access to IT systems and decrypt hostage files? Unfortunately, the payment of ransoms is an extremely serious problem and rarely works.

There’s no guarantee attackers will hold up their end of the bargain

While paying ransom may seem as the only way to recovery, there’s no guarantee that companies will regain access to their systems and be able decrypt all files. In some cases, companies are forced to make do with partial recovery.

According to IDC’s Future Enterprise Resiliency and Spending Survey, less than 28 per cent of respondents were able to recover data after paying the ransom.

Unlocked systems should not be trusted

According to Cybereason, a cybersecurity technology company, 80 per cent of ransomware attack victims who paid ransom were attacked a second time. Of those who experienced a repeat attack, nearly half believed it was at the hands of the same attackers, which indicates that malicious codes remained in the hostage systems and files.

Cyber insurance rarely covers the full cost

While cyber insurance compensates businesses for the cost of an attack that affects their business, only few policies cover data recovery, restoring brand reputation and, in some cases, experts to facilitate ransom negotiations. Also, let’s not forget the IT systems and information can be regarded as a crime scene, and so investigations can be time-consuming.

Investing in cyber resilience

Cyber insurance is neither enough to protect organizations, nor intended to cover negligence for ignoring cyber risk. In today’s digital world, organizations must understand that it is no longer a question of whether cyber attackers will breach our defenses, but when they will break through and how much damage they will do. Attackers only need to be skilled (or lucky) enough to break through just once, and therefore, investing in cyber resilience is critical.

Cyber resilience means anticipating, protecting against, withstanding, and recovering from attacks on cyber enabled services. It goes beyond conventional cyber security and emphasizes continuity and recovery, because eventually, attackers will penetrate defenses.

Cyber incidents affect all of society, spreading uncertainty among the public, governments, and markets alike. Therefore, to keep attackers at bay and mitigate the damage they do, the public and private sectors should together embrace a comprehensive approach to defending against and recovering from cyberattacks.

As technology leaders and services providers, we must make it our mission to partner with customers and governments to implement a whole-of-economy cyber resilience strategy. That includes a consistent set of cyber resilience principles that help prepare our economy and critical institutions for attacks.