Report urges consulting firms to strengthen their cyber frontiers

26 August 2024 Consultancy.com.au

The number of cyber threats and the complexity of incidents in professional services continue to rise, with consulting firms particularly prone to attackers. That is according to a new report from Trustwave. Jason Whyte, APAC general manager at the cyber solutions company, walks through some of the report’s key findings for leaders in the consulting landscape.

The latest ‘Professional Services Threat Landscape’ report highlights the increasing cyberthreats targeting the professional services sector. This sector, which includes consulting, accounting, legal, and other business services, is a prime target for cybercriminals due to the sensitive information it manages, such as intellectual property, legal documents, and client personally identifiable information.

A cybersecurity breach can lead to financial losses, reputational damage, operational disruptions, employee stress, and heightened regulatory scrutiny. Therefore, professional services must comprehensively understand these threats and take proactive steps to protect against them.

Notably, consultants face distinct cybersecurity challenges compared to for instance lawyers or engineers, worsened by complex vendor ecosystems and stringent regulatory requirements.

Ransomware and phishing threats

Ransomware attacks on professional services firms have surged, with law firms being particularly vulnerable, accounting for 46 per cent of incidents. Consulting firms face significant risks due to the sensitive nature of their data and their dependence on third-party vendors.

Phishing is the primary method for initial access, responsible for 93 per cent of incidents. Key ransomware groups like ALPHV (BlackCat), LockBit 3.0, and 8Base are responsible for a large share of attacks, making up 20 per cent, 19 per cent, and 18 per cent of ransomware incidents, respectively.

Mitigation strategies for email security that organisations can employ include:
• implementing anti-malware tools
• training employees to recognise suspicious emails and attachments
• deploying robust email filtering solutions
• using host-based anti-malware tools to identify and quarantine malware
• educating users about the dangers of malicious email attachments
• implementing active monitoring to establish a baseline of regular activity and identify abnormal behaviour.  

Mitigation strategies for ransomware attacks that organisations can employ include:
• developing incident response plans
• regularly backing up critical data
• enabling system and network logging
• actively monitoring for abnormal behaviour
• using dark web monitoring to detect potential information leaks.

Report urges consulting firms to strengthen their cyber frontiers

Jason Whyte is APAC general manager at cyber solutions company Trustwave

Supply chain vulnerabilities

Consulting firms often work with numerous third-party vendors, each introducing potential security risks. Vulnerabilities in third-party software, particularly file transfer services, have led to breaches at major firms that were otherwise well protected.

To mitigate the risks, consulting firms can conduct thorough security assessments before engaging with third-party vendors as well as implement and enforce strict cybersecurity clauses in contracts with these vendors.

Other strategies that organisations can employ include:

Regularly reviewing and patching:
• regularly review vendor security practices
• patch identified vulnerabilities.

Implementing access controls:
• enforce strict access controls
• monitor and limit third-party access to sensitive data.

Encrypting credentials and enforcing strong password hygiene:
• encrypt all credentials  
• conduct regular audits to identify and remove unnecessary privileges and outdated accounts
• monitor the dark web for potential compromises and ensure a robust incident response process.

Technological advancements and risks
New technologies offer competitive advantages but also bring new cybersecurity risks. The rise of cloud platforms and their vulnerabilities is a growing concern. Misconfigured cloud storage and inadequate access controls can lead to significant data breaches, making it critical for consulting organisations to not only implement robust security measures, but also prioritise employee education on security protocols to reduce the risk of human error.

Organisations should also stay updated with evolving regulations surrounding data privacy and security and regularly review and update security policies accordingly.

The Trustwave SpiderLabs report highlights the need for consulting firms to strengthen their cybersecurity measures. Consulting firms can better protect their sensitive data, maintain client trust, and ensure business continuity despite evolving cyberthreats by leveraging the report's findings and adopting the recommended strategies.