Industrialisation Of Cybercrime Is Disrupting Business

Only a fifth of IT decision makers in large multinational corporations are confident that their organisation is fully prepared against the threat of cybercriminals. The vast majority of companies feel constrained by regulation, available resources and a dependence on third parties when responding to attacks, according to new research from BT and KPMG.

While 94 per cent of IT decision makers are aware that criminal entrepreneurs are blackmailing and bribing employees to gain access to organisations, roughly half (47 per cent) admit that they don’t have a strategy in place to prevent it.

Majority experienced a cyber attack

The report also finds that 97 per cent of respondents experienced a cyber-attack, with half of them reporting an increase in the last two years. At the same time, 91 per cent of respondents believe they face obstacles in defending against digital attack, with many citing regulatory obstacles, and 44 per cent being concerned about the dependence on third parties for aspects of their response.

“The industry is now in an arms race with professional criminal gangs and state entities with sophisticated tradecraft. The twenty-first century cyber-criminal is a ruthless and efficient entrepreneur, supported by a highly developed and rapidly evolving black market,” said Mark Hughes, CEO Security, BT.

“With cybercrime continuing to escalate, a new approach to digital risk is needed – and that means putting yourself in the shoes of attackers. Businesses need to not only defend against cyber-attacks, but also disrupt the criminal organisations that launch those attacks. They should certainly work closer with law enforcement as well as partners in the cyber security marketplace.”

The expansion of strategic roles

The BT-KPMG report shows that Chief Digital Risk Officers (CDROs) are now being appointed to hold strategic roles which combine digital expertise with high-level management skills.

With 26 per cent of respondents confirming that a CDRO has already been appointed, the report’s data suggests that the security role and accountability for it is being re-examined.

Adjusting security budgets

The research also flags the need for budgets to be adjusted, with 60 per cent of decision makers reporting that their organisation’s cyber security is currently financed by the central IT budget while half of those (50 per cent) think it should come from a separate security budget. One major challenge identified by the report is the funding and scale of R&D spending that the criminals can bring to bear on breaching the defences of target companies.

“Businesses should be turning towards cybersecurity vendors that are using artificial intelligence in an attempt to make sense of the billions of data points collected by endpoint and gateways, scanners and other proactive intelligence systems. Machine learning is able to more quickly distinguish between good and bad behaviour, malicious IPs, websites and files. This means a far greater number of threats can be analysed, before it is passed to human researchers for a deeper analysis,” David Kennerley, Director of Threat Research at Webroot, told Help Net Security.

HelpNetSecurity

« Hackers Target Thousands of GMails
Russia Claims ‘Increase in Cyberattacks by West Spies’ »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Holm Security

Holm Security

Holm Security are taking vulnerability assessment into the next generation as a cloud service.

AlAnsari Technical Solutions (ATS)

AlAnsari Technical Solutions (ATS)

ATS is a Kuwait based company specialised in delivering hardware/software, Virtualisation, IP Telephony / Unified Communication, Networking and professional IT services and solutions.

Caulis

Caulis

Caulis FraudAlert is a cyber security solution. It can detect fraud and identity theft based on users’ online behaviour.

National Accreditation Authority Hungary (NAH)

National Accreditation Authority Hungary (NAH)

NAH is the national accreditation body for Hungary. The directory of members provides details of organisations offering certification services for ISO 27001.

GulfTalent

GulfTalent

GulfTalent is the leading job site for professionals in the Middle East and Gulf region covering all sectors and job categories, including cybersecurity.

Security Engineered Machinery (SEM)

Security Engineered Machinery (SEM)

SEM provides comprehensive end-of-life solutions for the protection of sensitive information in government and commercial markets.

FraudScope

FraudScope

FraudScope is an AI-assisted platform that accelerates the identification of fraud, waste, and abuse.

Intraprise Health

Intraprise Health

Intraprise Health is a Certified HITRUST Assessor and award-winning provider of health information security products and services.

Corsha

Corsha

Corsha is on a mission to simplify API security and allow enterprises to embrace modernization, complex deployments, and hybrid environments with confidence.

Strike Graph

Strike Graph

The Strike Graph GRC platform enables Security Audits & Certifications.

Kainos

Kainos

Kainos is a leading provider of Digital Services and Platforms. Our services include Digital Transformation, Cyber Security, Cloud, AI, IoT and more.

Allentis

Allentis

Allentis provide adapted solutions to ensure the security and performance of your information system.

HashDit

HashDit

HashDit products and services focus on helping build a safe ecosystem for both protocol users and smart contract developers on BNB Chain.

AI or Not

AI or Not

AI or Not - Leverage AI to combat misinformation and elevate the landscape of compliance solutions.

Flow Security

Flow Security

Enterprises run on data, Flow secures it at runtime. With a runtime-first approach, Flow is a game-changer in the data security space, securing data itself, beyond the infrastructure it resides in.

Aurascape AI

Aurascape AI

Aurascape is working on advanced cybersecurity solutions powered by grounds-up generative AI architecture.