The better the question. The better the answer. The better the world works. У вас есть вопрос? У нас есть ответ. Решая сложные задачи бизнеса, мы улучшаем мир. У вас є запитання? У нас є відповідь. Вирішуючи складні завдання бізнесу, ми змінюємо світ на краще. Meilleure la question, meilleure la réponse. Pour un monde meilleur. 問題越好。答案越好。商業世界越美好。 问题越好。答案越好。商业世界越美好。

Does cyber security become a priority only once you’ve been attacked?

As disruptive innovations and new business models transform organizations and communities around the world, their sustainability is threatened by a plethora of cyber risks. EY has been at the forefront of developing innovative competencies by building upon its cyber security strengths to stay ahead of the market.

Today, with enterprises increasingly leveraging the internet for mission-critical applications, cybersecurity continues to remain a top imperative across the world. An increase in cyber-attacks, combined with the shift toward automating business processes have introduced new risks that must be addressed to secure sensitive data and instill trust in your technology platforms. At EY, we believe organizations must build trust in their technology platforms to address many forms of risk, including cyber risk. EY brings together multi-disciplinary practitioners, combining cyber security expertise with sectoral experience to help organizations combat a wave of attackers, in today’s digital era, of varying levels of sophistication.

Understanding the threat landscape

The first step for organizations seeking to enhance their cybersecurity ability is to develop a better understanding of the nature of the threat to them. What are the threats and what do they mean for you and your organization?

Common attacks

Carried out by unsophisticated attackers, using freely available hacking tools, with little expertise required to be successful

Advanced attacks

Typically carried out by sophisticated attackers, exploiting complex sometimes unknown zero-day vulnerabilities using advanced tools and methodologies

Emerging attacks

Focus on new attack vectors enabled by emerging technologies, typically carried out by performing their own research to identify and exploit vulnerabilities

Every organization must assume that the worst could happen

With so many disparate threats – and perpetrators that could be anyone from a rogue employer to a terrorist group or a nation state – organizations must be vigilant across the board and be well acquainted with their own threat landscape. All the more so since attackers have easy access to malware and sophisticated tools – and can even hire cyber-criminals – online.

Organizations may feel more confident about confronting the types of attack that have become familiar in recent years, but still lack the capability to deal with more advanced, targeted assaults; they may not even be aware of attack methods that are emerging. To be cyber resilient, however, organizations must increase their understanding rapidly – it is likely that they will face all of these categories of attack at one time or another, and possibly simultaneously.

The ability to respond to an attack is the final piece. Organizations able to act calmly, employing a well thought-out and tested cyber threat breach response plan in which everyone understands their responsibilities, will be able to de-escalate the crisis much more quickly.

By pulling these strands of cybersecurity together, organizations will move toward greater resilience, even in the face of the significant and increasing risk posed by diverse and often sophisticated cyber attackers.

EY supports organizations in establishing and strengthening their cyber security capabilities through…

Contact us:

EY - Murali Rao

Murali Rao

Cyber Security Leader,

EY - Rohit Mathur

Rohit Mathur

India Risk Advisory Leader,

EY - Burgess Cooper

Burgess Cooper

Cyber Markets Leader,

EY - Kartik Shinde

Kartik Shinde

Cyber Security
Financial Services, EY

EY - Vidur Gupta

Vidur Gupta

Cyber Security and Privacy

EY - Jaspreet Singh

Jaspreet Singh

Cyber Security and Privacy