Addressing Cyber Threats With Positive Action

Hacking and other types of cyber attacks on business have increased considerably since 2018 and cybercrime in all its forms is hitting business with ever- increasing costs and so it is important to review your prospects and security against cyber-attacks in 2020/21.

The year 2018 was a watershed which saw a massive increase in global cyber-crime with Interpol reporting that it now runs in the billions of dollars. In the UK with 65% of large firms realised that they had been breached and attacked with ransomware  becoming one of the most lucrative sources of criminal profit.

Cyber criminals have learnt from their own successful experince and are now far more effective in their attack and theft processes. Many of cybercrime groups are now organising themselves along more traditional business processes which are are improving their effectiveness. Cyber crime is now the fastest growing areas of global crime and instead of a few small groups and some individuals committing the crimes. organiswed groups have grown and operate with a level of sophistication very similar  to large business models.

The crimes themselves have not changed dramatically as the criminals are still taking money from fraud, theft, gambling and illegal drug and fake medicine sales, but the expansion of the criminal activity to cyber-crime is far more effective and profitable for criminal business in general. 

  • The British Office for National Statistics (ONS) said in 2018 that computer misuse and malware against business was significantly increasing and was up 63% in a year.  
  • The Bristsish  National Cyber Security Centre (NCSC)  has said that cyber-crime has now reached its highest level to date and is asking all governments to advise all business to improve their cyber-security standards and actions.

The UK has made some progress but more police training is required as cyber-crime is now widkey considered to be equivalaent tpover 1% of UK GDP by the end of 2019. 

Other than a lack of real cyber training for all police officers, one of the current problems is that many businesses are still not reporting cyber-attacks and this reticence is usually connected with a fear of reputational dmage and related  public relations effects.

Cisco is now running a cyber security training programmed for 120,000 British police officers, although it is still the case that  reporting a cyber crime to the UK police in the UK is not easy. In the case of stolen personal banking data where victims have had their bank accounts robbed, the police often refer vistims back to their bank rather than dealing with the crime.  

The problem for the UK police is that they are overstretched with the numbers of police at its lowest level since 1981 and in many forces there is no capacity within the regional forces to spend the necessary time on cyber crime. Budgets for electronic systems has not for most governments, police services or commerce grown yet the potential for cyber-attacks has increased significantly and this reality will become more of a problem for many organisations over the coming months. 
There are no simple answers but staff training, understanding your security issues and more carefully managing your data has become crucial.  

There are a number of issues you should be monitoring including such areas as your use of cloud, training to reduce phishing attack effects and where a lot more different systems are connected. 

Often this is due to lack of training or when an employee leaves either through redundancy or because they have had an argument with their colleagues and or management or just because their access to the system has not been completely shut-down and so they still have access. 

The Costs Of Cyber Security
One of the issues that needs attention is to carefully budget for how much cyber security investment should be made and this should start with analysing how much an attack could cost and its effects. Getting an independent review of your systems and personnel cyber comprehension is very worthwhile and gives you a much better understanding of the risks and ways to improve the people and systems. 

Some of the broader issues that will affect organisations in 2019 will be due to AI and the ability to change and create fake news using video and audio spoofing.

One way this can affect you and your organisation is that these fake pieces can be used to get your staff to wrongly change something within the systems. Or it can create fake emails that con and mislead employees to pass over passwords or sensitive data and information. 

These effects can also be used to create fake news about a government or a company’s activities and it is very important that you tackle these issues by going through a thorough review and internal audit process will give business decion-makers a much better understanding of the potential issues and where positive action can take place 

You Might Also Read: 

Cyber Intelligence & Business Strategy:

Positive Cyber-Secure Training:

 

 

 

« Security Advice For Using Video Conference Tools
British Spies Looking For Private AI »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Virus Bulletin

Virus Bulletin

Virus Bulletin is an online security information portal and certification body, providing users with independent intelligence about the latest developments in the global threat landscape.

Centrify

Centrify

Centrify’s Next-Gen Access is an identity & access management solution that uniquely converges Identity-as-a-Service, enterprise mobility management and privileged access management.

Marsh

Marsh

Marsh is a global leader in insurance broking and risk management and has been a leader in combatting cyber threats since their emergence.

CSIRT.CZ

CSIRT.CZ

CSIRT.CZ is the National Computer Security Incident Response Team of the Czech Republic.

Elastic

Elastic

Elastic is the world's leading software provider for making structured and unstructured data usable in real time for search, logging, security, and analytics use cases.

GeoLang

GeoLang

GeoLang’s Ascema platform protects sensitive information at the content level by identifying, classifying and tracking data across the corporate infrastructure.

Ensign InfoSecurity

Ensign InfoSecurity

Ensign InfoSecurity is Southeast Asia’s largest pure-play cybersecurity firm.

URS Certification

URS Certification

United Registrar of Systems (URS Certification) is an independent certification body operating in more than 30 countries within the multinational URS Holdings.

Sertainty

Sertainty

Sertainty enables developers to mix intelligence into data files for active risk mitigation and data control. Discover the impact of Data: Empowered.

SAFECode

SAFECode

SAFECode is a global industry forum where business leaders and technical experts come together to exchange insights on creating, improving, and promoting effective software security programs.

Cyberi

Cyberi

Cyberi provide specialist technical consultancy and cyber advisory services, from penetration testing and assurance to incident management and response, and technical security research.

The PenTesting Company

The PenTesting Company

The PenTesting Company is owned and operated by offensive security professionals. Penetration Testing is essentially all we do.

Critical Insight

Critical Insight

Critical Insight provide Managed Detection and Response, Vulnerability Detection, and Cyber Security Consulting Services to help you secure your mission-critical systems.

CyberXposure

CyberXposure

CyberXposure has been built by a team comprising of Cyber Security Professionals and SAAS experts in data backup, disaster recovery and cyber-security.

Ark Infotech

Ark Infotech

Ark Infotech is a provider of cloud management services, selective support services, and technology solutions.

MIND

MIND

MIND is the first-ever data security platform that puts data loss prevention and insider risk management programs on autopilot, so you can automatically identify, detect and prevent data leaks.