With nearly $250 billion in value, Consulting business is on the radar of hackers

September 1, 2021: With a total value of $250 billion, Consulting business is on the radar of hackers, as 1 in 5 data breaches committed on Professional Service firms are attempts to extract personal information.

Consulting is one of the largest and the most mature sectors in the professional services industry. Lawyers, consultants, analysts, and other employees work with sensitive clients’ data, meaning their companies are top targets for cybercrime.

The criminal group behind REvil (Sodinokibi) ransomware notably extorted a New York-based law firm, asking for a $42 million ransom and threatening to publish private details of the company’s celebrity clients. Those include superstars like Lady Gaga, Madonna, Bruce Springsteen, and other famous entertainment industry names.

It is a risk prevalent to the whole industry of professional services, as clients entrust consulting firms with their financial reports, employee data, and classified information. Even before the pandemic, the sector had a relatively distributed and remote workforce, regularly meeting with clients internationally. With most of the operations happening online, cybersecurity negligence tends to be rather costly.

Research by RSM indicates that professional services were the prominent target in 2014 to 2019, suffering 21.5% of reported incidents. Each data breach costs companies around $4.23 million —10% higher than the total average. With a record of Personal Identifiable Information (PII) valued at $175, expenses grow exponentially if the victim company has thousands of clients.

Malicious users primarily target web applications, with Verizon indicating this attack pattern in 33% of breaches. However, to obtain login credentials and get a foothold on victim’s systems, they frequently utilize social engineering schemes. Spear-phishing was accountable for 95% of breaches in enterprise networks, so consulting firms should be vigilant using their digital tools.

Juta Gurinaviciute, the Chief Technology Officer at NordVPN Teams, says:

“The most valuable asset consulting companies work with is data. While cyberattacks are unlikely to disrupt normal service for most, like the information technology or retail industries, customer PII loss will result in financial and reputational damage. Enterprises should have an employee-centered approach and implement smart cybersecurity tools to manage distributed and remote teams.”

Most SMEs underestimate cybersecurity vulnerabilities

Even though larger organizations maintain more extensive client databases and often have more valuable assets to protect, cybercriminals primarily aim at smaller scale companies. 96% of cybersecurity insurance claims come from small and medium enterprises (SMEs), whereas large firms comprise the remaining 4%.

Cybercriminals see SMEs as a ‘soft target.’ Their larger counterparts usually have people and resources to establish and maintain robust digital protection. A lack of an extensive cybersecurity team or a strong perimeter shouldn’t discourage investing. A transition to edge computing opens new perspectives and the availability of scalable and accessible cyber protection tools.

Gurinaviciute comments:

“Before opting for cloud access security brokers (CASB) and other tools, enterprises should evaluate their needs and complete a data audit. They have to comply with legal regulations and only keep client information that is necessary for operating. Also, consider building separate data sets for every department, so employees only access the information needed for their tasks.”

Businesses should also take a further step in limiting the attack surface area. They can establish IP whitelisting (also called ‘allow list’), which permits devices and apps based on their IP address. If the IP is on the predefined list, the user can access the internal network and applications.

While establishing and maintaining an IP whitelist manually can be an expensive burden to carry, a small-scale business can opt for third-party solutions. They should consider scalability and user experience as main incentives, and intuitive features like a centralized Control Panel lets admins add or remove users on demand.

To further strengthen their networks, consulting and professional services companies can implement the Zero Trust Access model. Once users are permitted to enter the system, they will only reach the resources needed for a specific task and for a limited time only. Managing user privileges lowers the risk of cyberattacks considerably and increases visibility for IT teams.

Kindly shared by NordVPN Teams

Main photo courtesy of Pixabay