Why We Should Worry About A War On Cybercrime

As geopolitical tensions rise, cyberattacks propagated both by state-sponsored and criminal groups have risen even further up the list of concerns for governments and businesses worldwide. Cyberattacks are transitioning from being an issue of enterprise security to one of risk to public safety given attacks increasingly impact on Critical National Infrastructure and physical systems.  

It might be that governments and law enforcement need to redefine the rules governing their response to cyberattacks, given such a situation is increasingly on the horizon.

In 2023, it is likely that an attack, or a series of attacks, will put lawmakers in a position where they feel that the only option is to go beyond current responses, and truly disrupt and deter the people behind the keyboards altogether. As such, this year, we need two major sets of actions. 

One at the policy level is to review and implement changes to allow the appropriate capabilities across governments, especially regarding the prosecution and deterrence of actors. Secondly, the community must focus on generating more positive incentives for greater systemic resilience.

Policy Actions - Deterrence and Enforcement

In other security and defence policy areas, major events have given rise to government action that would once have been inconceivable. In the realm of cybersecurity, the speed at which the UK government suggested amendments to the rules governing Managed Security Providers (MSPs) by updating the Network and Information Systems Regulation after a wave of supply chain attacks, including Operation CloudHopper, shows that legislators are not afraid to act quickly t if they feel the need.

Organisations such as the British NCSC have been successful with improving cybersecurity policies, no state or multilateral organisation has yet come up with a robust definition of what “enforcement success’ means in the context of tackling cyber actors and states that provide safe harbours for threat actors.

It is also the case that many national governments have not yet fully legislated for the capabilities to prosecute cyber actors, such as in the UK of allowing the intercept of data to be disclosable in court, or in many jurisdictions, the use of Computer Network Exploitation to gather evidence by the police.

Not only is there an issue of better definitions and powers, but there would also have to be considerably more cooperation between national and supranational agencies, including better access to global data sources. This requires deep, scalable operations partnerships with law enforcement agencies globally. This still might be unpalatable to many, but necessary to be able to extradite hackers and press charges against them. For example, the issue of lack of sustained engagement with Russia is crucial to the global law enforcement community concerning cybercrime. One now being raised at the very highest level of Governments. 

Incentive Models - A Focus on the Positive

Currently, too few companies have the bespoke capabilities, human resources, and training to secure the convergence of enterprise properly, namely the Internet of Things (IoT) and Operational Technology (OT) environments associated with Critical National Infrastructure.. This fact needs greater recognition from the community.

It should inspire more action to ensure a broader base of companies with the skills and capabilities required to protect our digital infrastructure, particularly that which supports critical national infrastructure. 

Whilst we have plenty of negative incentive models in the form of regulation and penalties for non-compliance, these will only take us so far. We need more positive incentive models whereby the government works with the community to provide the capability, resources, and financial support required to build the proper ecosystem of organisations able to securely manage the complexity of critical national infrastructure environments. We have seen examples of this, such as payments to organisations by the US government to improve cybersecurity controls following the Colonial Pipeline. However, there needs to be deeper and more meaningful public-private cooperation if it is to make a real difference.

Time for Action

There is no getting away from the fact that the threat level continues to increase and is only headed in one direction. While governments and the cybersecurity community are working to improve cybersecurity controls and combat the risks that organisations face, there needs to be a more proactive focus on building cybersecurity companies with the capabilities and skill base required to combat cyber risks and prevent widespread public harm. 

Without this, and on the current trajectory, we are almost sure to find ourselves in a situation where governments feel they have to take more extreme measures to deal with the threat, with all of the intended and unintended consequences such actions will bring.

Will Dixon is Global Head of the Academy and Community at ISTARI

You Might Also Read:

How To Prepare For A Cyber Crisis:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


« PAM, IAM, Or Both?
Web Browser Attacks & How To Combat Them »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC is a cyber security research and development and training centre

Bayshore Networks

Bayshore Networks

Bayshore Networks was founded to safely and securely protect Industrial IoT (IIoT) networks, applications, machines and workers from cyber threats.

Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity provide solutions for Secure Networks, Secure Communications, Network Analysis, and Endpoint Security.

CalCom

CalCom

CalCom Hardening Solution (CHS) for Microsoft OMS is a security baseline-hardening solution designed to address the needs of IT operations and security teams.

Cyberra Legal Services (CLS)

Cyberra Legal Services (CLS)

Cyberra Legal Services provides cyber law advisory, cyber crime consultancy, cyber law compliance audit, cyber security, cyber forensics and cyber training services.

Prescient

Prescient

Prescient’s Cyber solutions supplement your firm’s existing data security infrastructure with specialized investigations that identify unconventional cyber risks.

Cyber Security Courses

Cyber Security Courses

Cyber Security Courses was formed to help students in the UK find cyber security courses online.

Blackbird.AI

Blackbird.AI

Blackbird.AI provides an intelligence and early-warning system to help users detect disinformation and take action against threats.

Saepio Solutions

Saepio Solutions

Saepio promote an all-encompassing approach to cybersecurity, ensuring the appropriate balance of budget and resource across Policy, Product and People.

FortKnoxster

FortKnoxster

FortKnoxster is a cybersecurity company within the Crypto & FinTech space. Our encryption technologies are blockchain integrated.

BIG Cyber

BIG Cyber

BIG Cyber is a specialized Managed Security Service Provider (MSSP) dedicated to bringing military grade cyber security technology to the gaming industry.

Avrem Technologies

Avrem Technologies

Avrem Technologies is a business IT and cybersecurity consulting firm. We design, implement, manage and monitor the networks, servers, computers and software that our clients rely on each day.

Tarlogic

Tarlogic

Tarlogic works to protect and defend your security with the highest quality technical team with next generation solutions to achieve the best protection.

Applaudo

Applaudo

Applaudo specializes in helping the world’s most admired brands optimize their IT solutions, reduce delivery costs, and accelerate their digital transformation.

Whalebone

Whalebone

Whalebone develop user-centric, no-installation network security products for telcos, internet service providers, enterprises, public institutions, and governments.

CodeSecure

CodeSecure

CodeSecure provides industry-leading static application security testing (SAST) tools that help organizations identify and remediate vulnerabilities early in the development lifecycle.