27.09 2021

The target of the next cyber-attack could be you

The energy, healthcare, and retail sectors are most vulnerable to cyber-attacks; even small businesses have to engage with data protection these days.

According to IBM Security’s Cost of a Data Breach Report 2022, identifying and containing the average data breach takes about 280 days. Unfortunately, this is an optimistic scenario, as the study reveals that for companies that invest less in cyber security, it may take much longer to contain such an incident.

Moreover, the energy, healthcare, and retail sectors are significantly more vulnerable to cyber-attacks. In recent years, KPMG has noticed a similar growing trend in Estonia and Scandinavia, where non-IT-oriented sectors often lag considerably behind in cyber security matters.

Unfortunately, no one can afford such shortcomings any longer, as most attacks are financially motivated. For ransomware attackers, a company’s assets, such as manufacturing equipment, intellectual property or medical devices, are as lucrative a target as disrupting an online environment or encrypting data assets.

Moreover, there is a rising and heightened interest in the energy and health sectors among state-sponsored attackers. Examples include ransomware attacks against Universal Health Services, the largest hospital network in the United States, and similar incidents in Estonia. The latter have come to public attention through the Estonian Information Systems Authority and other sources and point to numerous attacks on Estonia’s energy and healthcare sectors.

Attackers are on the hunt for data

It must be noted that all companies have data that are potentially of great interest to attackers, although the company itself may not be aware of it. The main targets for attackers are personalised customer and employee data, intellectual property and anonymised customer data.

The purpose of data capture is usually to sell it on the black market or to cross-correlate it with other data, which adds value to the captured dataset. Data breaches pose a wide range of risks for companies. On the one hand, they face reputational damage and potential loss of trust. On the other hand, there are potentially considerable financial penalties resulting from both national regulations and the GDPR, for example.

Companies should certainly pay attention to risks entailed in cloud services and overly complex security systems. Implementing new solutions or over-complicated systems may pose a threat instead of the desired additional security. Risks are particularly high if such solutions are not supported by adequate cyber security knowledge and skills.

For most companies, having all required capabilities in-house would be rather difficult and unreasonably expensive, especially when a company operates mainly in the manufacturing, energy, healthcare or another sector that is not closely related to the IT sector and when it does not operate globally. A practical solution here would be to look for a reliable service provider who can offer a world-class service.

With a trusted partner, it is possible to respond quickly to incidents that have already occurred and improve cyber security by means of red-team testing, which simulates real attacks to help identify a company’s or organisation’s IT vulnerabilities.

The following are five key measures to help companies prevent data breaches and reduce their impact:

  • incident response testing;
  • putting in place and testing business continuity plans;
  • setting up an incident response team;
  • red-team testing (simulation of real attacks);
  • training of staff

Impact of COVID-19

Even though COVID-19 does not spread in cyberspace, it does have a significant impact on companies’ IT situation today and will continue to have an effect in the future. Most companies agree that creating a capacity for remote work is a risk for them. As a result of setting up remote working arrangements, the time it takes to detect a data breach will likely lengthen in the coming years, and losses associated with data breaches will likely increase.

Companies that can get secure solutions and working arrangements in place now will have a significant competitive advantage in the future. Certainly, COVID-19 has also increased the vulnerability of many small retailers, as many online stores were launched quickly to survive the emergency situation.

Ultimately, the responsibility for the customer data collected through an online store remains with the merchant, be it a large regional chain or a single boutique.

Mihkel Kukk

Head of Cyber Security
+372 521 4332

Bolstering Cyber Resilience with High-Quality Red Teaming

The escalating complexity and frequency of cyberattacks pose a critical risk to the stability of f..

Cyber security

KPMG recognized as a Leader in Cybersecurity Consulting Services in Europe

According to The Forrester Wave: Cybersecurity Consulting Services in Europe, Q1 2024.

We are excit..

Cyber security

Cyber Security Expert: IT Hygiene Should Not Be Neglected During Holidays and Vacations

The line blurring between work and spare time, and the widespread use of remote work mean that peo..

Cyber security

A Company Must Not Be Bought Without a Pre-transaction IT Audit

It is a volatile time for economy, which always leads to businesses being purchased and sold. For ..

Cyber security

How To Prepare for Overcoming a Cyber Incident

It is no longer a question of if cyber incidents take place, but when they will take place. Based ..

Cyber security

Too Many Companies Underestimate IT Risks

Mihkel Kukk, Head of Cyber Security Services at KPMG, notes that, although great importance is att..

Cyber security

Provide a safe and sustainable business environment for your company. We help build a resilient and reliable digital landscape, even in the face of changing threats.

KPMG Baltics OÜ

+372 626 8700
Ahtri 4, 10151 Tallinn, Estonia
KPMG Baltics KPMG Global Privaatsuspoliitika
Email again:

HR assessment 

HR assessment focuses on mapping the skills and increasing the competencies of the weakest link in cyber security: the users, the employees.

Email again:

Threat assessment

Threat assessment is a tactical and technical service that allows a company to get a quick overview of external threats.

Email again:

Maturity assessment

Maturity assessment helps plan IT investments and design further steps to mitigate vulnerabilities and ensure better security.

Email again: