Companies Should Tackle Cybercrime & 'take the fight to the criminals'

Firms must “take the fight to the criminals” to prevent a rising tide of cyber-attacks by sophisticated organised crime gangs.

In a joint report, telecoms group BT and consulting firm KPMG called on companies to address the “industrialisation of cybercrime”, warning against the danger of overplaying the more high-profile threat of lone hackers.

The report warns that today’s cybercriminal often works for complex operations akin to businesses, with human resources divisions and budgets for research and development.

Some are so sophisticated that they are able to hijack senior executives’ email accounts and fake correspondence to convince junior company employees to approve transactions. In one such case, the scam led to one company agreeing to pay out $18.5m (£13.9m) to criminals in the Asia-Pacific region, BT and KPMG said, without identifying the company.

Businesses must work with law enforcement against such operations, the report said, and should consider launching their own pre-emptive attacks against cybercrime networks.

Mark Hughes, chief executive of cybercrime at BT, said it was vital that companies “take the fight to the criminals”. “The industry is now in an arms race with professional criminal gangs and state entities with sophisticated tradecraft,” he said.

“The twenty-first century cybercriminal is a ruthless and efficient entrepreneur supported by a highly developed and rapidly evolving black market. Businesses need to not only defend against cyber-attacks but also disrupt the criminal organisations that launch those attacks.”

But Hughes said the industry’s efforts to tackle the problem are being hampered by a lack of graduates with the right skills to work in cyber-defence. BT has identified cybersecurity as a huge potential growth area, with revenues from its cybersecurity division increasing at more than 10% a year.

In April, the telecoms giant announced plans to hire 900 people for its already 2,500-strong security team to cope with growing demand.

The BT-KPMG report found that while 97% of firms have suffered a cyber-attack, only a fifth of technology chiefs at those firms felt well enough equipped to deal with organised cybercrime.

The skills deficit persists despite the importance of cybersecurity to major corporations being underlined by several high-profile security breaches.

Broadband and telecoms provider TalkTalk lost more than 100,000 customers and faced a bill of at least £60m in the wake of a cyber-attack last year that saw thousands of users’ data harvested.

Ashley Madison – a US dating website aimed at people looking for extra-marital affairs – was hit by an attack that saw thousands of users’ dating profiles leaked online.

Guardian

« EU Signs Cyber-Security Agreement With Industry
Pentagon Unprepared to Repel Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Blue Frost Security

Blue Frost Security

Blue Frost Security provides high-level IT security consulting, penetration testing services, ISO 27001 Solutions, PCI compliance solutions and training.

ISACA

ISACA

ISACA is a global professional association and learning organization for members who work in information security, governance, assurance, rissk and privacy.

Brit

Brit

Brit PLC is a market-leading global specialty insurer and reinsurer, focused on underwriting complex risks including cyber, privacy and technology.

Snow Software

Snow Software

Snow Software is changing the way organizations think about their technology investments, empowering IT and business leaders to drive transformation with precision and agility.

Komodo Consulting (KomodoSec)

Komodo Consulting (KomodoSec)

Komodo Consulting specializes in Penetration Testing and Red-Team Excercises, Cyber Threat Intelligence, Incident Response and Application Security.

InPhySec

InPhySec

InPhySec is a leading New Zealand information, physical and cyber security company.

Belkasoft

Belkasoft

Belkasoft is a software vendor providing public agencies, corporate security teams, and private investigators with digital forensic solutions.

Green House Data

Green House Data

Green House Data is a managed services provider delivering hybrid solutions to enterprises who need secure IT environments and efficient management of their critical applications and business data.

Loki Labs

Loki Labs

Loki Labs provides expert cyber security solutions and services, including vulnerability assessments & penetration testing, emergency incident response, and managed security.

Secure Technology Integration Group (STIGroup)

Secure Technology Integration Group (STIGroup)

Secure Technology Integration Group, Ltd. (STIGroup) is an innovative firm that provides CyberSecurity consulting, secure IT engineering, managed security services, and human capital solutions.

Netlinkz

Netlinkz

Netlinkz has developed the Virtual Secure Network (VSN) overlay technology platform, a breakthrough in connectivity security, speed, and simplicity.

Think|Stack

Think|Stack

Think|Stack is a managed IT services company specializing in cloud and cybersecurity with human-centered design.

Patriot Consulting Technology Group

Patriot Consulting Technology Group

Patriot Consulting's mission is to help our clients manage cybersecurity risk through secure deployments of Microsoft 365.

DESCERT

DESCERT

DESCERT offers you an extended IT, cyber security, risk advisory & compliance audit team which provides strategic guidance, engineering and audit services.

ECIT

ECIT

ECIT is your preferred provider of finance and IT services. We believe in the value of combining financial and IT services to streamline and improve the operation of your business.

GISEC Global

GISEC Global

GISEC Global provides vendors and companies from around the world with access to lucrative opportunity to capitalize on what's set to become one of the world's booming markets.