The Financial Brand Forum 2022
The Financial Brand Forum 2022
ARIA Hotel & Casino, Las Vegas, NV
Aunalytics to Attend the The Financial Brand Forum 2022 as a Gold Sponsor
Aunalytics is thrilled to attend the The Financial Brand Forum 2022 in Las Vegas, Nevada as a Gold Sponsor. Join Aunalytics at booth #413, where representatives will be demonstrating Daybreak™ for Financial Services, a cloud-native data platform which enables financial institutions to focus on critical business outcomes and make data-driven business decisions. Daybreak enables a variety of use cases through AI-driven insights, such as reducing customer churn, increasing wallet share, and optimizing branch allocation decision-making.
2022 Ohio Bankers League Annual Meeting
2022 Ohio Bankers League Annual Meeting
Hyatt Regency, Columbus OH
Aunalytics Excited to Attend the 2022 OBL Annual Meeting as a Reception Sponsor
Aunalytics is excited to attend the 2022 Ohio Bankers League (OBL) Annual Meeting as a Reception Sponsor. Aunalytics will be demonstrating Daybreak™ for Financial Services, a cloud-native data platform which enables community banks to focus on critical business outcomes and make data-driven business decisions in order to compete with large financial institutions.
Ransomware Attacks Pose An Increasing Threat to Businesses of All Sizes: The State of Ransomware 2022
Cyberattacks are a constant threat to organizations of all sizes. To better understand how the current attack environment and track how ransomware trends have changed over time, Sophos commissioned an independent, vendor-agnostic survey of 5,600 IT professional in mid-sized organizations across 31 countries. This survey was conducted in January and early February 2022. The results highlighted the increasing threat that ransomware poses, and the increased role cyber insurance is playing in driving organizations to improve their cyber defenses.
Cyberattacks are up from last year
Ransomware attacks have increased significantly over the past year—66% of organizations surveyed were hit by an attack in 2021, up 78% from the previous year. This is due in part to the ease at which bad actors are able to deploy attacks. The Ransomware-as-a-service mode has reduced the skill level needed to attack.
Not only are attacks more prevalent, but the attacks themselves are becoming more successful and more complex. In 2021, 65% of attacks resulted in data being encrypted, up from 54% in 2020. Fifty-nine percent of organizations who experienced cyberattacks saw the complexity of the attacks increase, while 57% saw an increase in the volume of cyberattacks overall.
Data recovery rates are improving
Despite the increase in attacks within the past year, there is some good news. Almost every organization surveyed (99%) were able to get some encrypted data back—up from 96% in 2020. The top method used to restore data was backups, which was used by 73% of organization whose data was encrypted in an attack. In addition to backups, a large portion—forty-six percent—paid a ransom to have their data restored.
Unfortunately, while paying a ransom typically allows organizations to get some data back, it is less effective than in years past at restoring data. On average, organizations that paid a ransom only got back 61% of their data, down from 65% the previous year, while only 4% of those that paid the ransom got ALL their data back in 2021, down from 8% in 2020. This highlights the importance of employing multiple methods to restore data—utilizing backups in particular can improve the speed of recovery and increase the amount of data that can be recovered.
Ransom payments have increased
Not only are ransoms less effective at restoring data than in previous years, but the amount of the payments themselves have increased considerably. Between 2020 and 2021 there was a threefold increase in the proportion of victims paying ransoms totaling US$1 million or more. The percentage paying the lowest ransom amounts decreased over that same time—from one in three (34%) to one in five (21%).
The average ransom payout increased 4.8X from 2020 data, from an average of US$170K to US$812,360 in 2021. However, the average ransom amount varies greatly across industries, with manufacturing and utilities coming in at the top of this survey with an average of US$2.04M and US$2.03M, respectively, while healthcare and local/state government had the lowest average ransom payments at US$197K and US$214K, respectively.
Ransomware greatly impacts companies, both economically and operationally
Even when some of all data is able to be restored after a cyber attack, the costs of loss productivity or inability to operate at all can be substantial. Of those hit by ransomware last year, 90% said their most significant attack impacted their ability to operate, while 86% said it caused them to lose business and/or revenue. The average cost to remediate an attack in 2021 was US$1.4M, which, thankfully was down from US$1.85M in 2020. This was due in part to cyber insurance providers being better able to guide victims through an effective response more rapidly.
Although there have been improvements in total recovery time over the years, it still took, on average, one month for organizations to fully recover from the most significant attacks. Those in higher education and central/federal government had the slowest average response times, at around 2-5 months, while manufacturing and financial services were the quickest, with the majority being able to recover in one month or less.
Despite the huge economic costs of ransomware attacks, many organizations are putting their faith in defense that don’t actually prevent ransomware—only more quickly mitigate its effects. Seventy-two percent of organizations in the survey who weren’t hit by ransomware in the past year and didn’t expect to be hit in the future cited backups and cyber insurance as reasons why they don’t anticipate an attack. Neither of these elements actually prevent attacks in the first place.
Simply having security resources in place does not necessary mean that they are effective. Of those surveyed who were hit by ransomware in the last year, 64% said they had more cybersecurity budget than they need, and 24% said they had the right amount of budget. Many of these organization also said they had more headcount or the right amount of headcount (65% and 23%, respectively. This reveals that despite having ample resources—both personnel and technology—organizations will not achieve a high return on investment without a combination of the right technology and expertise to use the technology effectively.
Cyber insurance drives changes to cyber defenses
Thankfully, organizations do not have the shoulder the burden of ransomware costs all on their own. The survey found that four in five mid-sized organizations had insurance against ransomware attacks. However, 34% said there were exclusions/exceptions in their polices. Organizations that had been previous hit by ransomware attacks in the past were much more likely to have cyber insurance coverage against ransomware. However, many respondents indicated that securing coverage has changed in the past year, or gotten more difficult to obtain:
- 54% said the level of cybersecurity they need to qualify is now higher
- 47% said policies are now more complex
- 40% said fewer companies offer cyber insurance
- 37% said the process takes longer
- 34% said it is more expensive
As a result, 97% of organizations that have cyber insurance have made changes to their cyber defense to improve their cyber insurance position. 64% have implemented new technologies/services, 56% have increased staff training/education activities, and 52% have changed processes/behaviors.
Conclusion
The survey has revealed that ransomware continues to be an imminent threat for organizations of all sizes across industries. For many, choosing an experienced partner with expertise in cybersecurity not only improve their chances of getting approved for the right amount of cyber insurance coverage, but can ensure that they see an higher return on investment and improved ability to prevent and mitigate attacks in the future.
Does Your Mid-Market Firm Have the Right Talent to Maximize Its Data Tech Investments?
Does Your Mid-Market Firm Have the Right Talent to Maximize Its Data Tech Investments?
Investing in digital transformation technologies can be a waste of money if your company forgets one important point. That point is, no matter how cutting edge the tech or tool may be, people are needed with specific technical expertise in order to derive true business value from these investments.
Unlike large enterprises, mid-market companies often try to find this expertise in their IT manager, hoping a jack-of-all-trades approach will take care of it. This is an unfortunate mistake, since it would require the IT manager to have unusual command over a long laundry list of duties, from data integration, ingestion, and preparation to data security, regulatory compliance, data science, and building pipelines of data ready for executive reporting from multiple cloud and on-premises environments. This is not just a tall order for a mid-market IT manager to pull off, but likely an impossible one.
At the same time, it’s unreasonable to expect that most mid-market firms can hire an entire division of data experts—who each need to be highly compensated—in order to achieve the organization’s digital transformation goals. Even if a mid-market player could afford it—which is unlikely to make economic sense—these talent resources are scarce and in high demand.
If you’re still wondering whether your IT manager’s skill set, leveraged by your in-house IT technicians, can properly run the gamut required to achieve value from your data technology investments, consider that the person in this position would need the ability to master a wide range of skill sets, from cloud architecture, database engineering, and master data management to data quality, data profiling, and data cleansing. More specifically, your IT manager would need to take on five additional specialized roles for technical talent that are critical for achieving value from data technology investments.
These roles are:
Chief Data Officer/Chief Digital Officer
A chief data officer (CDO) is focused on—you got it—data. Most mid-market companies understandably don’t have a CDO, which means they don’t have anyone who assures regulatory compliance for data handling while managing and exploiting information assets, reducing uncertainty and risk, and applying data and analytics to drive cost optimization and revenue objectives. For IT managers to fulfill a CDO role, they’d have to be equipped to bring a global perspective to company data, help their organization gain competitive advantage over peers, and manage data and analytics. They’d also need the ability to secure data, transform it into valuable business information, lead digital transformation initiatives, and use data for growth and operational efficiency.
Cloud Engineer
The primary job of a cloud engineer is to keep cloud data centers operational and secure for ecosystem users to be able to store and access their data. Cloud engineers are experts in minimizing downtime, managing access to data, managing compute and storage, and setting up cloud architectures for clients, tenants, and containers. They also monitor data center hardware, servers, networks, and communications systems for operational continuity and efficiency.
Data Security Expert
Mid-market firms also need a way to channel the talents of a data security expert, CISO, or cybersecurity director to ensure cyber-security for the company’s data. Data security experts must keep current on emerging threats while executing data security strategies to fend off and remediate attacks. This involves a wide range of duties, including working closely with the IT team to run the company’s Security Operations Center (SOC), constantly monitoring servers, networks, and workstations for security threats, and staying up to date on the changing compliance laws and regulations for the business, to name a few. While larger IT teams have bandwidth to fill cybersecurity needs inhouse, many midmarket IT teams do not have capacity for the 24/7/365 monitoring and security edits needed to thwart attacks, let alone bandwidth for executing on mitigation and response strategies needed to overcome them.
Data Engineer
A data engineer’s primary job is to prepare data for analysis or operational uses, which involves integrating data from different sources, as well as implementing and executing data profiling, cleansing, transforming, and normalizing data. Data engineers also work with data in motion and use master data management to ensure data consistency across an organization. Finally, a data engineer is your go-to technical resource for database construction and management, helping to optimize the company’s data ecosystem.
Data Scientist
It should be clear now why a mid-market IT manager should not be expected to take on these additional professional roles, but in case there’s any doubt, keep in mind that a data scientist is also needed. Data scientists develop algorithms and leverage deep learning models to analyze data with artificial intelligence and machine learning. The data scientist creates the “brain” of the data analytics solution to position it for providing accurate answers based on business information. Data scientists also mine data to find opportunities for business growth and efficiency. Ideally, the data scientist uses tools that enable non-technical business users to query data sets without having to write SQL or other code.
Master of One
If you’ve correctly determined that your mid-market IT department does not have enough time to absorb these data roles into their regular duties of keeping your company systems stable and responding to help desk tickets from your team, don’t despair. There’s a viable solution for mid-market businesses with this dilemma: they can partner with data experts who provide a side-by-side model coupling technology with talent. This allows the mid-market to efficiently compete, leveraging the necessary skillsets to achieve digital transformation success.
What does successful mid-market digital transformation require? The key is to have a cloud-based data center, a cloud native data management platform, and cloud native analytics, thus shifting the burden of procuring and maintaining the infrastructure to a third-party vendor in the data industry. Instead of attempting to reinvent the wheel in house, mid-market players should ensure they’re partnered with the right infrastructure to maximize the data-center capabilities, and data storage and management, for effective digital transformation.
Mid-market firms can gain the benefits of working with a wide range of experts including cloud engineers, data engineers, security experts, data scientists, and other highly skilled technical resources if they establish a partnership with a data platform company. By opting for this type of side-by-side expert help, the mid-market can achieve true business value—without needing to hire an entire data team.
The Cost of Skimping on Security in 2022
From 2020 to 2021, the number of ransomware attacks on organizations increased by 78% and more than 10% of those attacks resulted in ransoms of $1 million or higher. According to the Sophos State of Ransomware 2022 report, ransomware attacks take an average of one month to fully recover from and frequently result in downtime and loss of revenue, the impact of which leads to an average recovery cost of $1.4 million. That’s about 640 vacations to Disney World. The cost of skimping on security is great.
While you could take your entire team to Disney World for a week, possibly even a few times over, a better idea might be to invest in preventing a security breach in the first place. Be it ransomware, a phishing attack, or an insider threat, proactive threat and risk prevention takes dedicated time, well-trained people, and cutting-edge technology, so it is no surprise that it can be confusing and costly. As we’ve already seen, it can be even more costly to ignore those risks.
Keeping Up with Technology
It took 2 million years for humans to progress from the first tools to discovering fire, yet it only took 130 years to go from the telegraph to the internet and another 33 years to get to the iPhone. Technology now changes at a blistering pace and, alongside that thrives the unfortunately fruitful business of cybercrime. One of the most critical factors in combating this is having, understanding, and fully utilizing the latest technology. Based on Gartner’s 2022 report of Top Strategic Trends, some of the newest technologies that will impact the cybersecurity field include:
- Cybersecurity Mesh: A scalable, integrated architecture that enables security tools to work cooperatively throughout an environment
- Autonomic Systems: Self-managing systems that take in information from the network to modify algorithms without manual updates, allowing for rapid changes and scalability
Source: Gartner
Partnering with the Experts
Whether you are intimately familiar with the concepts presented here or they sound like something from the USS Enterprise, partnering with experts is what will give you an advantage over bad actors and cyber criminals. Admittedly, most organizations struggle to keep up with regular patching, let alone investing the time and resources into implementing these types of technology. While cybersecurity and understanding cyber risk are likely not your area of expertise, working with a trusted partner can ensure that your online business and IT landscape are as secure as technology and expertise allow. Having security that stands up to the worst of ransomware, hackers, and more is a must.
The criminals don’t take a break, so your security monitoring can’t either, which is why it is critical to have both the technology to meet the needs of today’s risks as well as the people to understand, implement, and manage that technology to its fullest potential. Aunalytics has you covered. With expert toolsets and talent, your business can depend on us to have highly trained professionals and the newest technology and information to protect your business in the ongoing threat landscape.
How to Win Wallet Share While Cutting Costs in Financial Institution Operations
How to Win Wallet Share While Cutting Costs in Financial Institution Operations
In a recession economy, it is imperative to cut costs and employ efficient strategies to grow operating income. Here’s what banking institutions can do to make marketing and sales teams more efficient, and achieve better returns.
Fill out the form below to receive a link to the article.
Aunalytics is a data platform company. We deliver insights as a service to answer your most important IT and business questions.
Related Content
How to Win Wallet Share While Cutting Costs in Financial Institution Operations
How to Win Wallet Share While Cutting Costs in Financial Institution Operations
In a recession economy, it is imperative to cut costs and employ efficient strategies to grow operating income. Here’s what banking institutions can do to make marketing and sales teams more efficient, and achieve better returns.