Ernst & Young is waiting for a spike in proposals to insure cybersecurity risks in Ukraine in 2019, according to a study by Ernst & Young Global Limited posted by the Ukrainian representative office of the company.
“The high level of damage to business from cybercrime around the world encourages companies to look for ways to manage these risks from the outside. One of the available options is to insure cyber risks, so similar offers from insurance companies are the expected trend of 2019 in Ukraine,” Senior Manager of information technology and IT risk management department of EY in Ukraine Dmytro Lazuchenkov said.
According to EY Global Information Security Survey 2018–2019, Ukrainian businesses are still characterized by the active migration of large Enterprise IT solutions to cloud services and the performance of business-critical operations in public “clouds.”
In a highly competitive environment, cloud solution providers are trying to reduce costs by reducing investment in technical tools and staff skills that are necessary to ensure the security of a cloud solution. This leads to the fact that cloud environments are becoming more susceptible to attacks by cybercriminals,” the company said in a press release.
EY said that the state-run institutions of Ukraine also should not forget about countering cyber threats.
According to EY Global Information Security Survey 2018-2019, vulnerabilities with the most increased risk exposure over the past 12 months were careless/unaware employees (34%), Outdated security controls (26%), unauthorized access (13%), and related to cloud-computing use (10%).
Most organizations (82%) are not sure if they successfully identify cybersecurity incidents. Among organizations suffered from incidents over the past 12 months, less than one third (31%) say that the incident was revealed by the cybersecurity service of the company.
EY said that 60% of organizations say that the person directly responsible for information security is not a board member. Only 18% of organizations say that information security fully influences business strategy plans on a regular basis.
Ukrenergo has worked out a concept for the development of cybersecurity for 2019-2023, based on the analysis of the current state of information security in the company, its own developments and the experience of world leaders in the field of cyber defense and information technologies, primarily Israel.
According to a press release, in four years Ukrenergo intends to implement 30 projects in order to enhance the security of information infrastructure and minimize the negative impact of cybersecurity incidents on the company’s work.
In particular, the matter concerns the creation of a secure transport network of the enterprise for secure interaction with the outside world, the organization of secure basic infrastructure and data processing centers, as well as setting up an operational security center and organizing professional training for personnel.
The draft concept was reviewed and received positive feedback from the Security Service of Ukraine and the State Service of Special Communication and Information Protection.
As reported, in June 2017 the computer networks of the Cabinet of Ministers, dozens of state and private large banks and companies in Ukraine became the victims of a massive virus attack, which in some cases led to the cessation of their operations.