Cyber security has been a growing industry for many years now. From the first forays into Internet communication and the rise of e-commerce, mobile devices, cloud computing and social media – there has been a steady stream of technological advancements and a growing regulatory imperative to drive continued growth in investment in security as these new ways of doing business – digital transformation – have changed the risk profile.
In parallel, the cyber crime industry has also grown and matured – the rise of technology and the growing reliance on IT systems and networks for the storage and use of, and access to, data has presented cyber criminals with further opportunity to make (or steal) money or access (or steal) information, and with more in the way of sophisticated tools with which to do it.
Cyber criminals have had their own digital transformation, and it has been no less disruptive.
There are almost too many case studies and examples of advanced cyber attacks, too many research papers into the organised nature and advanced attack methodologies of APT groups, and too many news stories of large, well-funded, technologically advanced organisations being found wanting when it comes to their level of security defences.
In many respects the degree of intelligence, organisation and professionalism has tracked the increasing reliance on, and ubiquity of, the IT systems that modern businesses deploy. If businesses can create applications to provide services to users, attackers can attack them; if businesses can use cloud platforms to make their business more flexible, attackers can target these or indeed use the same sorts of technology to mount powerful and flexible attacks. If businesses can create a network of service providers, outsourcers, specialists and international delivery teams, cyber criminals can form the same sort of web of specialisms and commission their services to create diverse and powerful networks of support for their own “businesses” – cloud-based hosting of DDoS attacks, malware on demand, discovery and sale of zero-day exploits etc.
The other factor that has pushed forward the cyber attacker/cyber criminal industry is the rise of state-sponsored attacks and attack networks, both those that are specifically geared towards the aims of states themselves and those that simply weaken the delivery capabilities of other countries or sap value, intellectual property or personal data from the enterprises in countries that are considered targets.
This has, as has been widely reported, extended beyond just cyber attacks to the widespread use of propaganda and social media to exert influence and achieve socio-political goals ranging from influencing elections to destabilising society.
In short, there is just as much innovation, inventiveness and organisation on the side of the cyber criminal as there is within a legitimate business.
One other driver behind the increasing volume, prevalence and sophistication of cyber crime is that the money involved has leapt: at a global level it is now reported by Interpol to be worth billions of dollars.
This much money attracts more than just amateur hackers and script kiddies – it is well into the sort of territory where organised criminal networks want a slice of the action.
In terms of costs (i.e. the costs to business and governments – rather than the profits made by cyber criminals) the figures are eye-watering. A report by Cybersecurity Ventures puts the figure at US$6 trillion by 2021. Even if that is one or two orders of magnitude out, it’s a significant amount of money.
The rewards for cyber criminals are just as voluminous. Reports put the income potential from a career in cyber crime as high as US$2m for an individual at the top of their game, and above average graduate salaries even at a very low level.
The value of the cyber crime industry has been estimated at US$1.5tn.
As the saying goes: “A billion here, a billion there, pretty soon you are talking real money”. Cyber crime is way past those levels. Real money indeed.
Unless it is bitcoin, but that’s another story.
Put simply, cyber crime affects everyone. There used to be (many years ago now) a perception that only banks, governments and high-profile businesses were truly at risk and that most companies would probably avoid the worst antics of cyber criminals if they had a fair level of defences in place.
Now there is financially useful information and personal data everywhere, and the rewards from ransomware can come from any type of system (whether it holds sensitive/valuable data or not) – even if it is just family photos (a big driver for home users to pay ransoms). So revenue for the attacker can come from a workstation in a large bank, a one-man-band sole trader or even an individual.
The threat covers banks, government, critical national infrastructure, telecommunications, social media platforms, retailers, online news and service providers, newspapers and even charities.
So cyber crime is getting more sophisticated, more lucrative, more flexible and more global. It has a potent blend of innovation drivers and it is unshackled by the working constraints of enterprises and governments who have to operate within the law, pay taxes, respect regulators, be ethical and act in the best interests of employees, customers, citizens and shareholders.
One shouldn’t be defeatist about this, however: there is innovation, and there are technologies, processes and people, on the side of the potential cyber crime target (or victim), whether in governments, the intelligence community, national security agencies, law enforcement bodies or consulting/service/product providers. Even the community itself has more to gain in a competitive marketplace by working together to share intelligence on cyber threats than it does waiting for the competition to fall victim to them – and this is now increasingly recognised.
It does mean that cyber crime is not a threat that can be ignored. A good level of cyber defence, an ability to detect and respond to attacks, and ever-developing knowledge and awareness amongst technical teams, managers and staff/users have never been more important.
One thing is certain: Cyber crime is not going away!