Addressing Cyber Threats With Positive Action
Hacking and other types of cyber attacks on business have increased considerably since 2018 and cybercrime in all its forms is hitting business with ever- increasing costs and so it is important to review your prospects and security against cyber-attacks in 2020/21.
The year 2018 was a watershed which saw a massive increase in global cyber-crime with Interpol reporting that it now runs in the billions of dollars. In the UK with 65% of large firms realised that they had been breached and attacked with ransomware becoming one of the most lucrative sources of criminal profit.
Cyber criminals have learnt from their own successful experince and are now far more effective in their attack and theft processes. Many of cybercrime groups are now organising themselves along more traditional business processes which are are improving their effectiveness. Cyber crime is now the fastest growing areas of global crime and instead of a few small groups and some individuals committing the crimes. organiswed groups have grown and operate with a level of sophistication very similar to large business models.
The crimes themselves have not changed dramatically as the criminals are still taking money from fraud, theft, gambling and illegal drug and fake medicine sales, but the expansion of the criminal activity to cyber-crime is far more effective and profitable for criminal business in general.
- The British Office for National Statistics (ONS) said in 2018 that computer misuse and malware against business was significantly increasing and was up 63% in a year.
- The Bristsish National Cyber Security Centre (NCSC) has said that cyber-crime has now reached its highest level to date and is asking all governments to advise all business to improve their cyber-security standards and actions.
The UK has made some progress but more police training is required as cyber-crime is now widkey considered to be equivalaent tpover 1% of UK GDP by the end of 2019.
Other than a lack of real cyber training for all police officers, one of the current problems is that many businesses are still not reporting cyber-attacks and this reticence is usually connected with a fear of reputational dmage and related public relations effects.
Cisco is now running a cyber security training programmed for 120,000 British police officers, although it is still the case that reporting a cyber crime to the UK police in the UK is not easy. In the case of stolen personal banking data where victims have had their bank accounts robbed, the police often refer vistims back to their bank rather than dealing with the crime.
The problem for the UK police is that they are overstretched with the numbers of police at its lowest level since 1981 and in many forces there is no capacity within the regional forces to spend the necessary time on cyber crime. Budgets for electronic systems has not for most governments, police services or commerce grown yet the potential for cyber-attacks has increased significantly and this reality will become more of a problem for many organisations over the coming months.
There are no simple answers but staff training, understanding your security issues and more carefully managing your data has become crucial.
There are a number of issues you should be monitoring including such areas as your use of cloud, training to reduce phishing attack effects and where a lot more different systems are connected.
- As the use of cloud based systems increases the security issues will increase and your own IT people should monitor and check your cloud use.
- It is very important to ensure that as changes and updates to IT systems take place that all old systems are effectively cleared and completely separated from the new up-grades as entering your new systems from your old technology is a way cyber-attacks use as it is often one of the easier ways into your new system.
- It has been true of some of the analysis that there has been a significant increase in internal and recently departed employees holding on to confidential data and enjoying continuing access to their ex-employers IT systems.
Often this is due to lack of training or when an employee leaves either through redundancy or because they have had an argument with their colleagues and or management or just because their access to the system has not been completely shut-down and so they still have access.
The Costs Of Cyber Security
One of the issues that needs attention is to carefully budget for how much cyber security investment should be made and this should start with analysing how much an attack could cost and its effects. Getting an independent review of your systems and personnel cyber comprehension is very worthwhile and gives you a much better understanding of the risks and ways to improve the people and systems.
Some of the broader issues that will affect organisations in 2019 will be due to AI and the ability to change and create fake news using video and audio spoofing.
One way this can affect you and your organisation is that these fake pieces can be used to get your staff to wrongly change something within the systems. Or it can create fake emails that con and mislead employees to pass over passwords or sensitive data and information.
These effects can also be used to create fake news about a government or a company’s activities and it is very important that you tackle these issues by going through a thorough review and internal audit process will give business decion-makers a much better understanding of the potential issues and where positive action can take place
You Might Also Read:
Cyber Intelligence & Business Strategy:
Positive Cyber-Secure Training: