Major failures were found in Israeli insurance company Shirbit’s preparedness and handling of the major cyberattack it was victim to earlier this month. That, as well as weak regulation of the necessary cyber risk management standards, may have contributed to the severity of the hack, according to a new report.The report refers to details released until December 8 and was written by CSFI fellow and cybersecurity consultant, Einat Meyron. It states that “the sequence of failures that led to such bad management of the incident and with it bad decision-making, indicate a lack of understanding and experience in dealing with cyber incidents. [Shirbit’s] every decision over time was a mistake.”This is not a problem that is unique to Shirbit according to the report. Companies that win government tenders are held to standards set by the government, putting responsibility on government bodies as well. “The National Cyber Directory also needs to explain how it allowed this to happen,” stated the report. The report found that Shirbit was not prepared for the attack in part due to an insufficient information security incident monitoring service (SOC). The report stated…
