Why We Should Worry About A War On Cybercrime

As geopolitical tensions rise, cyberattacks carried out by both state-sponsored and criminal groups have risen even further up the list of concerns for governments and businesses worldwide. Cyberattacks are transitioning from being an issue of enterprise security to one of risk to public safety, given that attacks increasingly affect Critical National Infrastructure and physical systems.

It might be that governments and law enforcement need to redefine the rules governing their response to cyberattacks, given such a situation is increasingly on the horizon.

In 2023, it is likely that an attack, or a series of attacks, will put lawmakers in a position where they feel that the only option is to go beyond current responses, and truly disrupt and deter the people behind the keyboards altogether. As such, this year, we need two major sets of actions. 

The first, at the policy level, is to review and implement changes to allow the appropriate capabilities across governments, especially regarding the prosecution and deterrence of actors. The second is for the community to focus on generating more positive incentives for greater systemic resilience.

Policy Actions - Deterrence and Enforcement

In other security and defence policy areas, major events have given rise to government action that would once have been inconceivable. In the realm of cybersecurity, the speed at which the UK government suggested amendments to the rules governing Managed Security Providers (MSPs) by updating the Network and Information Systems Regulation after a wave of supply chain attacks, including Operation CloudHopper, shows that legislators are not afraid to act quickly if they feel the need.

While organisations such as the British NCSC have been successful in improving cybersecurity policies, no state or multilateral organisation has yet come up with a robust definition of what “enforcement success” means in the context of tackling cyber actors and the states that provide safe harbours for threat actors.

It is also the case that many national governments have not yet fully legislated for the capabilities to prosecute cyber actors, such as, in the UK, allowing intercepted data to be disclosable in court, or, in many jurisdictions, the use of Computer Network Exploitation by the police to gather evidence.

Not only is there an issue of better definitions and powers, but there would also have to be considerably more cooperation between national and supranational agencies, including better access to global data sources. This requires deep, scalable operational partnerships with law enforcement agencies globally. This still might be unpalatable to many, but it is necessary to be able to extradite hackers and press charges against them. For example, the lack of sustained engagement with Russia is a crucial issue for the global law enforcement community concerning cybercrime, and one now being raised at the very highest level of governments.

Incentive Models - A Focus on the Positive

Currently, too few companies have the bespoke capabilities, human resources, and training to properly secure enterprise convergence, namely the Internet of Things (IoT) and Operational Technology (OT) environments associated with Critical National Infrastructure. This fact needs greater recognition from the community.

It should inspire more action to ensure a broader base of companies with the skills and capabilities required to protect our digital infrastructure, particularly that which supports critical national infrastructure. 

Whilst we have plenty of negative incentive models in the form of regulation and penalties for non-compliance, these will only take us so far. We need more positive incentive models whereby the government works with the community to provide the capability, resources, and financial support required to build the proper ecosystem of organisations able to securely manage the complexity of critical national infrastructure environments. We have seen examples of this, such as payments to organisations by the US government to improve cybersecurity controls following the Colonial Pipeline attack. However, there needs to be deeper and more meaningful public-private cooperation if it is to make a real difference.

Time for Action

There is no getting away from the fact that the threat level continues to increase and is only headed in one direction. While governments and the cybersecurity community are working to improve cybersecurity controls and combat the risks that organisations face, there needs to be a more proactive focus on building cybersecurity companies with the capabilities and skill base required to combat cyber risks and prevent widespread public harm. 

Without this, and on the current trajectory, we are almost sure to find ourselves in a situation where governments feel they have to take more extreme measures to deal with the threat, with all of the intended and unintended consequences such actions will bring.

Will Dixon is Global Head of the Academy and Community at ISTARI
