Enterprise Services Blog
Get the latest thought leadership and information about the role of Enterprise Services in an increasingly interconnected world at HP Communities.

Stopping Cybercrime from the Inside Out

By Andrzej Kawalec,

Chief Technology Officer (CTO) for HP Enterprise Security

 

The digitalization of our lives has radically changed the way we live, love, work and play. Unfortunately, it has also changed the way cyber criminals prepetrate felonies.

 

How do you identify the faceless?

We live in a world where bank accounts and even national secrets are code.jpgripped apart and sold to the highest bidder. Whereas infamous criminals of the past like Al Capone and Butch Cassidy had to avoid “wanted” signs as they physically moved large sums of cash. Today’s cyber criminals are able to commit their crimes with a great deal of anonymity.

 

Cyber criminals are faceless. They operate in a sophisticated and vertically-integrated global network, generating more than $104 billion in illegal revenue each year and perpetrating 16 cybercrimes per second. These acts often blend together traditional crime with cybercrime.

 

It could already be happening, without your knowledge.

For example, a global criminal ring recently hacked into a bank’s network to increase pre-paid debit card accounts to an unlimited level. They then sent those details around the world, and had well-coordinated gangs withdraw handfuls of cash from ATMs. One gang in New York City hit 2,000 ATMs in a matter of minutes.

 

On average, criminals can hide inside networks for upward of eight months, taking their sweet time to understand business’ systems, applications, customer and employee details, and even intellectual property. And, as cyber criminals become more sophisticated, it’s taking victims even longer to recuperate after a breach.

 

Cybercrimes can inflict several levels of material damage to businesses regardless of industry, sector or size.

There are three different types of collateral damage that result from a data breach:

  1. Monetary - Data breaches are getting more costly every year. In 2010, a data breach on average cost about $3.8 million on average. By 2020, a data breach will cost over $17 million.
  2. Brand reputation - After a company experiences a major data breach, customers often don’t trust the brand of the company anymore. There have been a number of cases in financial markets where companies that have been breached have lost as much as 30 percent in their market capitalization.
  3. Intellectual Property and Trade Secrets – These are the damages that the company may never see. The best example is when a company experiences a data breach, and then one of their competitors uses this information to undercut them in the market, resulting in monetary damage that is much less tangible then dollars and cents.

The bad news is, the way our industry has traditionally handled cyber security actually hands a huge advantage to the criminals. We share our security standards and vulnerabilities, but so rarely share how the criminals got in and what information they are after.

 

We’re losing the battle – but we don’t have to.

To help put a stop to cybercrime, security professionals have to get inside the crimnials’ heads and use their own tricks against them.

 

Cyber criminals have learned that pooling intelligence leads to great rewards. Let’s take a page from their playbook and share our security intelligence with one another. Without doing so, we’re giving the cyber criminals the tools they need to perpetrate the same crimes over and over again around the world.

It’s a scary world, but we shouldn’t have to go at it alone. Let’s band together to stop the adversary. Learn more about how HP is stopping the adversary by sharing cyber intelligence among its security clients.

*According to HP research estimates.

 

About the author

Andrzej Kawalec.jpgAndrzej Kawalec, Chief Technology Officer (CTO) for HP Enterprise Security, is responsible for HP’s Information Security strategy, solutions, portfolio, and market-facing activity. He leads a global research and innovation team, with a particular focus on cloud, consumerization, cyber security, and the business risks surrounding information security systems, policies, users, and processes.

 

 

 

 

 

Related links

www.hp.com/services/security

HP Threat and Vulnerability Management Services: Get vulnerability and hacking

services delivered by experts

Risks, trends, and disrupters: CISOs most adaptable to change will survive

The University of Nottingham benefits from enhanced risk and threat management

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the community guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation