Sony-Owned Insomniac Games’ Breach Illustrates Impact of New Malicious Actor Behavior on Cyber Insurance and Risk Management Community
New York, December 19th, 2023 -- The revelation today of the extent and severity of Sony-owned Insomniac Games' breach reveals a disturbing shift in tactics being applied by threat actors, according to Kirsten Bay, CEO of Cysurance (www.cysurance.com) a next-generation risk mitigation company that insures, warrants and certifies security solutions deployed by enterprise end-users.
Kirsten Bay, CEO of Cysurance
"The actions by the hacking group Rhysida against Insomniac show how rapidly conventional ransom attacks are transitioning into straight extortion initiatives," she says.
"As organizations demonstrate the ability to more successfully manage 'conventional' ransom attacks, threat actors have intensified their focus on reconnaissance and exploitation. This has resulted in higher demands and shorter deadlines for ransom payments as threat actors land, expand and gain control over enterprise resources, while opening exploits against key trading partners," says Bay.
The shift in strategy, according to Bay, represents an existential threat to all organizations and the insurance companies that underwrite cyber risk.
"It is a wake-up call for players across industry segments to review the implementation of coordinated, integrated and automated security controls, such as identity and access management, endpoint management, and critical data encryption. It is the only way organizations can prevent the spread and severity of attacks," she says.
The entertainment technology sector in general, and the gaming industry in particular, is an application development-intensive environment.
"I expect organizations that fit this profile -- and the insurance companies that write policies to protect them -- to explore the role SaaS-based DevSecOps service providers can play in mitigating the impact of such attacks," says Bay.
As the post-event analysis of the Insomniac breach unfolds, Bay says that cyber underwriters will seek insights into a number of questions, including the dwell time of the attack -- how long the breach was in place before being noticed -- and the effectiveness of controls in detecting and mitigating the attack once it was executed.