Industrialisation Of Cybercrime Is Disrupting Business

Only a fifth of IT decision makers in large multinational corporations are confident that their organisation is fully prepared against the threat of cybercriminals. The vast majority of companies feel constrained by regulation, available resources and a dependence on third parties when responding to attacks, according to new research from BT and KPMG.

While 94 per cent of IT decision makers are aware that criminal entrepreneurs are blackmailing and bribing employees to gain access to organisations, roughly half (47 per cent) admit that they don’t have a strategy in place to prevent it.

Majority experienced a cyber attack

The report also finds that 97 per cent of respondents experienced a cyber-attack, with half of them reporting an increase in the last two years. At the same time, 91 per cent of respondents believe they face obstacles in defending against digital attack, with many citing regulatory obstacles, and 44 per cent being concerned about the dependence on third parties for aspects of their response.

“The industry is now in an arms race with professional criminal gangs and state entities with sophisticated tradecraft. The twenty-first century cyber-criminal is a ruthless and efficient entrepreneur, supported by a highly developed and rapidly evolving black market,” said Mark Hughes, CEO Security, BT.

“With cybercrime continuing to escalate, a new approach to digital risk is needed – and that means putting yourself in the shoes of attackers. Businesses need to not only defend against cyber-attacks, but also disrupt the criminal organisations that launch those attacks. They should certainly work closer with law enforcement as well as partners in the cyber security marketplace.”

The expansion of strategic roles

The BT-KPMG report shows that Chief Digital Risk Officers (CDROs) are now being appointed to hold strategic roles which combine digital expertise with high-level management skills.

With 26 per cent of respondents confirming that a CDRO has already been appointed, the report’s data suggests that the security role and accountability for it is being re-examined.

Adjusting security budgets

The research also flags the need for budgets to be adjusted, with 60 per cent of decision makers reporting that their organisation’s cyber security is currently financed by the central IT budget while half of those (50 per cent) think it should come from a separate security budget. One major challenge identified by the report is the funding and scale of R&D spending that the criminals can bring to bear on breaching the defences of target companies.

“Businesses should be turning towards cybersecurity vendors that are using artificial intelligence in an attempt to make sense of the billions of data points collected by endpoint and gateways, scanners and other proactive intelligence systems. Machine learning is able to more quickly distinguish between good and bad behaviour, malicious IPs, websites and files. This means a far greater number of threats can be analysed, before it is passed to human researchers for a deeper analysis,” David Kennerley, Director of Threat Research at Webroot, told Help Net Security.

HelpNetSecurity

« Hackers Target Thousands of GMails
Russia Claims ‘Increase in Cyberattacks by West Spies’ »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Advenica

Advenica

Advenica develops, manufactures and sells innovative cybersecurity solutions for encryption and secure information exchange.

National Intelligence Service (NIS) - South Korea

National Intelligence Service (NIS) - South Korea

The NIS oversees policy on cyber security in South Korea by formulating and coordinating the execution of such policy and devising necessary schemes and guidelines.

NPCore

NPCore

NPCore is specialized in defense solution against unknown APT and Ransomware and provides two-level defense on network and endpoint based on behavior.

QuickLaunch

QuickLaunch

QuickLaunch transforms how cloud-savvy institutions and companies manage human and device authentication, authorization, access control and integration.

AppGuard

AppGuard

AppGuard prevents breaches by blocking applications from performing inappropriate processes using our patented dynamic isolation and inheritance technologies.

Secure Blockchain Technologies (SBT)

Secure Blockchain Technologies (SBT)

SBT is a team of Enterprise IT Security Professionals weaving security and Blockchain Technology into our customer’s operational fabric.

Variti

Variti

Variti Intelligent Active Bot Protection technology — traffic analysis, detection and stopping of malicious bots in real-time and effective response to DDoS attacks.

Alacrinet

Alacrinet

Alacrinet is an IT and cyber security consultancy. From penetration testing to fully managed MSSP, our team is focused on knowing the latest threats, preventing vulnerabilities, and providing value.

CyberLab

CyberLab

CyberLab (formerly Chess) is a specialist cyber security company that provides a wide range of security solutions and services.

Redbot Security

Redbot Security

Redbot Security provides industry leading manual penetration testing. Protecting critical systems and data - red team attack and breach simulations, (OT) critical infrastructure testing.

vCISO Services

vCISO Services

vCISO Services is a small, specialized, veteran-owned firm focused on the needs of SMBs only.

Normalyze

Normalyze

Normalyze are solving some of the most painful problems enterprise IT security teams face in the cloud and data security space. We help enterprises protect all the data they run in the cloud.

Cyber-Security Council Germany

Cyber-Security Council Germany

The German Cyber Security Council's objective is to consult businesses, government agencies and political decision-makers and to support them against cybercrime.

Karate Labs

Karate Labs

Karate is an open-source unified test automation platform combining API testing, API performance testing, API mocks & UI testing.

Munio

Munio

Munio is a leading Fortified IT Support and Cyber Security companies in the south east of the UK.

Quantum Bridge

Quantum Bridge

Our unbreakable key distribution technology ensures the highest level of protection for your critical infrastructure and sensitive data in an evolving digital landscape.