How To Beat Cybercrime’s Prey-and-Pay Villains

Cybercriminals are increasingly running their operations like a business. It’s time to approach your cybersecurity strategy the same way.

istock 479801118

Cybercrime pays, so much so that successful cybercriminals now run their operations like a business, complete with technical support centers, in-house training, and HR.

To protect your digital assets, you need to approach your cybersecurity like a business, and not as a one-time point solution that is bolted onto existing infrastructures, programs, and procedures. A comprehensive cybersecurity strategy that is effective and adaptive, end-to-end, automated, and intelligent will ensure protection you can rely on.

According to the FBI, cybercriminals were responsible for $1.3 billion in reported losses in 2016 generated from almost 300,000 complaints. This was up 24% from 2015’s $1.07 billion and 288,000 complaints.

A new survey from Accenture and the Ponemon Institute found that the average cost of cybercrime — including expenses such as having to manage incidents and remediate business disruption — globally climbed to $11.7 million per organization in 2017, a 23% increase from 2016, and up 62% in the last five years. The survey also found that the average company now suffers 130 breaches per year, a 27.4% increase over 2016 and almost double what it was five years ago

Most research paints an even bleaker picture: the previous annual, global cost of cybercrime was just raised from $500 billion to $3 trillion this year, and it’s expected to double to $6 trillion by 2021.

Yet, for wannabe cybercriminals, the costs are relatively cheap. There are ransomware kits on the black market for as little as $175. There are offers for cybercrime-as-a-service, attacks-as-a-service, malware-as-a-service, and fraud-as-a-service — including a Russian DDoS booter rental for $60 per day, $400 for one week.

The increasingly business-like approach to cybercrime includes a broad support structure such as training, recruitment, money laundering. and escrow services. Some even offer 24x7 telephone support and money-back guarantees on their products.

However, unlike cybercrime and its costs, cybersecurity budgets are increasing at a much slower pace. A recent report puts the cybersecurity market forecasted to grow at a compound annual rate of 12.88% from 2017 to 2021.

The reality is that attackers will find a way into your systems, says Kevin Walker, security chief technology and strategy officer for Juniper Network’s engineering organization. “Rather than assume we can build unlimited defenses, we should focus on ensuring that our most valuable assets are stringently protected and routinely reviewed for access.”

A business approach to effective security should start with the network, because it is the engine that makes the increasingly digital world run, Walker suggests. For example, Juniper’s Software-Defined Secure Network platform combines policy, detection, and enforcement with a comprehensive product portfolio that centralizes and automates security. Built around automation and machine learning, its approach leverages cloud economics to find and stop threats faster, and provides end-to-end network — both physical and virtual — visibility that optimizes your cybersecurity.

With cybercriminals’ business-like approach to a growing array of prey-and-pay attacks, your cybersecurity must also evolve to protect your digital assets — data, applications, devices, networks, people, and an acceptable user experience. A comprehensive strategy that is flexible, agile, prioritized, and cost-effective is the new formula for cybersecurity success.


Copyright © 2017 IDG Communications, Inc.