Why We Should Worry About A War On Cybercrime

Uploaded on 2023-01-09 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

As geopolitical tensions rise, cyberattacks propagated both by state-sponsored and criminal groups have risen even further up the list of concerns for governments and businesses worldwide. Cyberattacks are transitioning from being an issue of enterprise security to one of risk to public safety given attacks increasingly impact on Critical National Infrastructure and physical systems.  

It might be that governments and law enforcement need to redefine the rules governing their response to cyberattacks, given such a situation is increasingly on the horizon.

In 2023, it is likely that an attack, or a series of attacks, will put lawmakers in a position where they feel that the only option is to go beyond current responses, and truly disrupt and deter the people behind the keyboards altogether. As such, this year, we need two major sets of actions. 

One at the policy level is to review and implement changes to allow the appropriate capabilities across governments, especially regarding the prosecution and deterrence of actors. Secondly, the community must focus on generating more positive incentives for greater systemic resilience.

Policy Actions - Deterrence and Enforcement

In other security and defence policy areas, major events have given rise to government action that would once have been inconceivable. In the realm of cybersecurity, the speed at which the UK government suggested amendments to the rules governing Managed Security Providers (MSPs) by updating the Network and Information Systems Regulation after a wave of supply chain attacks, including Operation CloudHopper, shows that legislators are not afraid to act quickly t if they feel the need.

Organisations such as the British NCSC have been successful with improving cybersecurity policies, no state or multilateral organisation has yet come up with a robust definition of what “enforcement success’ means in the context of tackling cyber actors and states that provide safe harbours for threat actors.

It is also the case that many national governments have not yet fully legislated for the capabilities to prosecute cyber actors, such as in the UK of allowing the intercept of data to be disclosable in court, or in many jurisdictions, the use of Computer Network Exploitation to gather evidence by the police.

Not only is there an issue of better definitions and powers, but there would also have to be considerably more cooperation between national and supranational agencies, including better access to global data sources. This requires deep, scalable operations partnerships with law enforcement agencies globally. This still might be unpalatable to many, but necessary to be able to extradite hackers and press charges against them. For example, the issue of lack of sustained engagement with Russia is crucial to the global law enforcement community concerning cybercrime. One now being raised at the very highest level of Governments. 

Incentive Models - A Focus on the Positive

Currently, too few companies have the bespoke capabilities, human resources, and training to secure the convergence of enterprise properly, namely the Internet of Things (IoT) and Operational Technology (OT) environments associated with Critical National Infrastructure.. This fact needs greater recognition from the community.

It should inspire more action to ensure a broader base of companies with the skills and capabilities required to protect our digital infrastructure, particularly that which supports critical national infrastructure. 

Whilst we have plenty of negative incentive models in the form of regulation and penalties for non-compliance, these will only take us so far. We need more positive incentive models whereby the government works with the community to provide the capability, resources, and financial support required to build the proper ecosystem of organisations able to securely manage the complexity of critical national infrastructure environments. We have seen examples of this, such as payments to organisations by the US government to improve cybersecurity controls following the Colonial Pipeline. However, there needs to be deeper and more meaningful public-private cooperation if it is to make a real difference.

Time for Action

There is no getting away from the fact that the threat level continues to increase and is only headed in one direction. While governments and the cybersecurity community are working to improve cybersecurity controls and combat the risks that organisations face, there needs to be a more proactive focus on building cybersecurity companies with the capabilities and skill base required to combat cyber risks and prevent widespread public harm. 

Without this, and on the current trajectory, we are almost sure to find ourselves in a situation where governments feel they have to take more extreme measures to deal with the threat, with all of the intended and unintended consequences such actions will bring.

Will Dixon is Global Head of the Academy and Community at ISTARI

You Might Also Read:

How To Prepare For A Cyber Crisis:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« PAM, IAM, Or Both?
Web Browser Attacks & How To Combat Them »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

Global Cyber Alliance (GCA)

Global Cyber Alliance (GCA)

Global Cyber Alliance is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world.

Fedco International

Fedco International

Fedco International is an IT and SCADA ICS Security consultancy firm.

RUSCADASEC

RUSCADASEC

RUSCADASEC is an independent non-profit initiative on developing the open Russian-speaking international community of industrial cyber security/ICS/SCADA cyber security professionals.

ACET Solutions

ACET Solutions

ACET Solutions delivers a wide range of Automation, Cyber Security and Enterprise IT/OT Integration Solutions to industrial clients.

Partners in Regulatory Compliance (PIRC)

Partners in Regulatory Compliance (PIRC)

Partners in Regulatory Compliance provides an array of cybersecurity services including cybersecurity policy management, risk assessments and regulatory compliance consulting.

Consistec Engineering & Consulting

Consistec Engineering & Consulting

Consistec Engineering & Consulting GmbH is an information technology and services company offering solutions for monitoring the security of IT and OT infrastructure.

Artifice Security

Artifice Security

Artifice Security will demonstrate real-world attacks on your network, web applications, infrastructure, and personnel to expose your hidden security risks.

Acumera

Acumera

Acumera is a leader in managed network security, visibility and automation services.

BrainStorm

BrainStorm

BrainStorm Threat Defense takes a new human-focused approach to security awareness that traditional training lacks. It’s a cutting-edge platform to make your users more security savvy.

Hawk AI

Hawk AI

Hawk AI’s mission is to help financial institutions detect financial crime more effectively and efficiently using AI to enhance rules and find anomalies.

NPCERT

NPCERT

NPCERT is a team of Information Security experts formed to address the urgent need for the protection of national information and growing cybersecurity threat in Nepal.

Myrror Security

Myrror Security

Myrror Security is a software supply chain security solution that aids lean security teams in safeguarding their software against breaches.

TrueBees

TrueBees

TrueBees is the first deepfakes detector able to detect AI-generated portraits shared on social media and to prevent their diffusion across the web.

Queen Consulting & Technologies

Queen Consulting & Technologies

Queen Consulting & Technologies specialize in providing IT support, management, and Security to Gov’t Contractors, CPAs, and Nonprofits.

Innerworks

Innerworks

Innerworks intelligent bot detection. Innerworks is building the future of behavioural data on web3.