The finance, manufacturing and healthcare sectors have long been in the line of fire for cyberattacks. In 2020, 62% of all cyberattacks targeted these three industries, according to NTT’s 2022 Global Threat Intelligence Report. Now, amid geopolitical tension around the world and related supply-chain disruptions, that trend has started affecting other critical-infrastructure sectors too.

All organizations in these sectors should realize that they are a target. You may already have focused on detecting, averting or responding to cyberthreats, and on your compliance and reporting obligations. But these measures don’t add up to true resilience, which relates to how quickly your organization can recover from a breach and limit any data losses.

Even the best defenses are no guarantee that an attack won’t occur. You must therefore assume your organization will be breached, and ask: how do we recover?

Serious consequences

In healthcare, for example, patient data is a major target for cybercriminals. One electronic medical record can sell for up to USD 250 on the dark web, and hospital systems may comprise tens or hundreds of thousands of patient records.

Hackers may also use the data in a ransomware attack – extorting money by threatening to publish or sell that data, or by locking or encrypting it. Such an attack can have a devastating impact: at a hospital, patient records becoming inaccessible may even lead to loss of life.

In 2021, ransomware-related complaints accounted for 24% of incident responses by NTT’s digital forensics team – up about 240% from 7% in 2019.

Learn more and save your organization

Boards must evaluate their security risks and decide which applications and systems are critical to their organizations. They can frame the acceptable risk in terms of a recovery point objective – a business calculation to determine acceptable data loss from a breach – and a recovery time objective, which refers to the amount of time needed to bring systems and operations back online.

So, how do you develop your organization’s risk profile and appetite, and then use these measures to improve your overall resilience?

We’ve developed a Cybersecurity Board Simulation Workshop to assist senior management in different types of organizations in a range of industries.

The aim of the hour-long workshop is to teach you to ask the right questions of your security team. The focus is not necessarily on how much money to spend on security, but rather on how your organization will continue in the event of a cyberattack. We use examples of real-life incidents to help you understand your organization’s current resilience status and weak points, and how to strengthen your defenses.

Security applications are not the most important part of a good security program – it’s the recovery that matters. Resilience is what’s going to save you.

Read more about our Cybersecurity Board Simulation.

John Karabin is Senior Director: Go-to-Market Security at NTT. This article includes contributions by Martin Burns is Senior Sales Director: Health Sector at NTT.