Companies Should Tackle Cybercrime & 'take the fight to the criminals'

Firms must “take the fight to the criminals” to prevent a rising tide of cyber-attacks by sophisticated organised crime gangs.

In a joint report, telecoms group BT and consulting firm KPMG called on companies to address the “industrialisation of cybercrime”, warning against the danger of overplaying the more high-profile threat of lone hackers.

The report warns that today’s cybercriminal often works for complex operations akin to businesses, with human resources divisions and budgets for research and development.

Some are so sophisticated that they are able to hijack senior executives’ email accounts and fake correspondence to convince junior company employees to approve transactions. In one such case, the scam led to one company agreeing to pay out $18.5m (£13.9m) to criminals in the Asia-Pacific region, BT and KPMG said, without identifying the company.

Businesses must work with law enforcement against such operations, the report said, and should consider launching their own pre-emptive attacks against cybercrime networks.

Mark Hughes, chief executive of cybercrime at BT, said it was vital that companies “take the fight to the criminals”. “The industry is now in an arms race with professional criminal gangs and state entities with sophisticated tradecraft,” he said.

“The twenty-first century cybercriminal is a ruthless and efficient entrepreneur supported by a highly developed and rapidly evolving black market. Businesses need to not only defend against cyber-attacks but also disrupt the criminal organisations that launch those attacks.”

But Hughes said the industry’s efforts to tackle the problem are being hampered by a lack of graduates with the right skills to work in cyber-defence. BT has identified cybersecurity as a huge potential growth area, with revenues from its cybersecurity division increasing at more than 10% a year.

In April, the telecoms giant announced plans to hire 900 people for its already 2,500-strong security team to cope with growing demand.

The BT-KPMG report found that while 97% of firms have suffered a cyber-attack, only a fifth of technology chiefs at those firms felt well enough equipped to deal with organised cybercrime.

The skills deficit persists despite the importance of cybersecurity to major corporations being underlined by several high-profile security breaches.

Broadband and telecoms provider TalkTalk lost more than 100,000 customers and faced a bill of at least £60m in the wake of a cyber-attack last year that saw thousands of users’ data harvested.

Ashley Madison – a US dating website aimed at people looking for extra-marital affairs – was hit by an attack that saw thousands of users’ dating profiles leaked online.

Guardian

« EU Signs Cyber-Security Agreement With Industry
Pentagon Unprepared to Repel Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Tresorit

Tresorit

Tresorit helps teams to collaborate securely and easily by protecting their data with end-to-end encryption.

Casaba Security

Casaba Security

Casaba are specialists in software security providing managed Software Development Lifecycle services as well as products for security testing.

Australian Cyber Security Growth Network (AustCyber)

Australian Cyber Security Growth Network (AustCyber)

AustCyber brings together businesses and researchers to develop the next generation of cyber security products and services.

Very Good Security (VGS)

Very Good Security (VGS)

VGS is the modern approach to data security. Our SaaS solution gives you all the benefits of interacting with sensitive and regulated data without the liability of securing it.

Belden

Belden

Belden is a global leader in signal transmission and security solutions for mission-critical applications in enterprise and industrial markets. Belden brands include Hirschmann and Tofino Security.

Dutch Accreditation Council (RvA)

Dutch Accreditation Council (RvA)

RvA is the national accreditation body for the Netherlands. The directory of members provides details of organisations offering certification services for ISO 27001.

NTIC Cyber Center

NTIC Cyber Center

NTIC Cyber Center is an organization dedicated to making the National Capital Region (Washington DC) more resilient to cyber-attacks.

Field Effect Software

Field Effect Software

Field Effect Software build sophisticated and integrated IT security, threat surface reduction, training and simulation capabilities for enterprises and small businesses.

Alertot

Alertot

Hackers attack minutes after a new vulnerability is published. Alertot helps to decrease exposure time in organizations by notifying new issues when they are disclosed.

Suridata

Suridata

Suridata’s SaaS Security platform enables organizations to secure the use of SaaS applications.

Analygence

Analygence

ANALYGENCE is your trusted partner for mission support, cyber solutions, and management services.

PeoplActive

PeoplActive

PeoplActive is an IT consulting and recruitment services organization with leading capabilities in digital, cloud and security.

AI Safety Institute (AISI)

AI Safety Institute (AISI)

The AI Safety Institute’s mission is to minimise surprise to the UK and humanity from rapid and unexpected advances in AI.

Merlin Ventures

Merlin Ventures

Merlin Ventures is a strategic investor focused on driving growth and value for cybersecurity software companies with market-leading potential.

InQuest

InQuest

InQuest specialize in providing comprehensive network-based security solutions that empower organizations to protect their most critical assets: their people.

Siguria Kibernetike (Cyber Security)

Siguria Kibernetike (Cyber Security)

Siguria Kibernetike is a company based in Tirana that offers full service in the field of cyber and physical security.