Addressing Cyber Threats With Positive Action

Hacking and other types of cyber attacks on business have increased considerably since 2018 and cybercrime in all its forms is hitting business with ever- increasing costs and so it is important to review your prospects and security against cyber-attacks in 2020/21.

The year 2018 was a watershed which saw a massive increase in global cyber-crime with Interpol reporting that it now runs in the billions of dollars. In the UK with 65% of large firms realised that they had been breached and attacked with ransomware  becoming one of the most lucrative sources of criminal profit.

Cyber criminals have learnt from their own successful experince and are now far more effective in their attack and theft processes. Many of cybercrime groups are now organising themselves along more traditional business processes which are are improving their effectiveness. Cyber crime is now the fastest growing areas of global crime and instead of a few small groups and some individuals committing the crimes. organiswed groups have grown and operate with a level of sophistication very similar  to large business models.

The crimes themselves have not changed dramatically as the criminals are still taking money from fraud, theft, gambling and illegal drug and fake medicine sales, but the expansion of the criminal activity to cyber-crime is far more effective and profitable for criminal business in general. 

  • The British Office for National Statistics (ONS) said in 2018 that computer misuse and malware against business was significantly increasing and was up 63% in a year.  
  • The Bristsish  National Cyber Security Centre (NCSC)  has said that cyber-crime has now reached its highest level to date and is asking all governments to advise all business to improve their cyber-security standards and actions.

The UK has made some progress but more police training is required as cyber-crime is now widkey considered to be equivalaent tpover 1% of UK GDP by the end of 2019. 

Other than a lack of real cyber training for all police officers, one of the current problems is that many businesses are still not reporting cyber-attacks and this reticence is usually connected with a fear of reputational dmage and related  public relations effects.

Cisco is now running a cyber security training programmed for 120,000 British police officers, although it is still the case that  reporting a cyber crime to the UK police in the UK is not easy. In the case of stolen personal banking data where victims have had their bank accounts robbed, the police often refer vistims back to their bank rather than dealing with the crime.  

The problem for the UK police is that they are overstretched with the numbers of police at its lowest level since 1981 and in many forces there is no capacity within the regional forces to spend the necessary time on cyber crime. Budgets for electronic systems has not for most governments, police services or commerce grown yet the potential for cyber-attacks has increased significantly and this reality will become more of a problem for many organisations over the coming months. 
There are no simple answers but staff training, understanding your security issues and more carefully managing your data has become crucial.  

There are a number of issues you should be monitoring including such areas as your use of cloud, training to reduce phishing attack effects and where a lot more different systems are connected. 

Often this is due to lack of training or when an employee leaves either through redundancy or because they have had an argument with their colleagues and or management or just because their access to the system has not been completely shut-down and so they still have access. 

The Costs Of Cyber Security
One of the issues that needs attention is to carefully budget for how much cyber security investment should be made and this should start with analysing how much an attack could cost and its effects. Getting an independent review of your systems and personnel cyber comprehension is very worthwhile and gives you a much better understanding of the risks and ways to improve the people and systems. 

Some of the broader issues that will affect organisations in 2019 will be due to AI and the ability to change and create fake news using video and audio spoofing.

One way this can affect you and your organisation is that these fake pieces can be used to get your staff to wrongly change something within the systems. Or it can create fake emails that con and mislead employees to pass over passwords or sensitive data and information. 

These effects can also be used to create fake news about a government or a company’s activities and it is very important that you tackle these issues by going through a thorough review and internal audit process will give business decion-makers a much better understanding of the potential issues and where positive action can take place 

You Might Also Read: 

Cyber Intelligence & Business Strategy:

Positive Cyber-Secure Training:

 

 

 

« Security Advice For Using Video Conference Tools
British Spies Looking For Private AI »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Hewlett Packard Enterprise (HPE)

Hewlett Packard Enterprise (HPE)

HPE is an information technology company focused on Enterprise networking, Services and Support.

RiskIQ

RiskIQ

RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence.

Secure Innovations

Secure Innovations

Secure Innovations is a cybersecurity firm dedicated to providing top-tier cyber security solutions for the Defense and the Intelligence Community.

SteelCloud

SteelCloud

SteelCloud has spent the last decade inventing technology to automate policy compliance, configuration control, and Cloud security.

CipherMail

CipherMail

CipherMail provides email security products which allow organizations world wide to automatically protect their email against unauthorized access both in transit and at rest.

Maticmind

Maticmind

Maticmind is an ICT System Integrator providing solutions and specialized skills in Networking, Security, Unified Communications & Collaboration, Datacenter & Cloud and Application.

CSIRT-NQN

CSIRT-NQN

CSIRT-NQN is the Computer Incident Response Team for the Argentine province of Neuquen.

Egnyte

Egnyte

Egnyte delivers secure content collaboration, compliant data protection and simple infrastructure modernization; all through a single SaaS solution.

Arc4dia Labs

Arc4dia Labs

Arc4dia have developed SNOW, a cyber security solution to combat the world’s most sophisticated cyber threats.

CyCognito

CyCognito

CyCognito empowers companies to take full control over their attack surface by uncovering and eliminating the critical security risks they didn't even know existed.

Cyway

Cyway

Cyway is a value-added cybersecurity distributor focusing on on-prem, cloud solutions and hybrid solutions, IoT, AI & machine learning IT security technologies.

Network Intelligence

Network Intelligence

Network Intelligence are a global cybersecurity provider offering services across 6 broad spectrums - Assessment, BCMS, GRC, Professional Services, MSSP & Training.

Glocomms

Glocomms

Glocomms is a leading specialist recruitment agency for the tech sector, providing permanent, contract, and multi-hire recruitment from our global hubs in San Francisco, New York, London and Berlin.

ProCheckUp

ProCheckUp

ProCheckUp is a London-based independent provider of cyber security services, including IT Security, Assurance, Compliance and Incident Response.

SequelNet

SequelNet

SequelNet is an emerging MSP, providing 360° business IT solutions and consulting services.

Insurica

Insurica

INSURICA is a full-service insurance agency built upon a tradition of integrity, industry leadership, and excellence.