This page contains a Flash digital edition of a book.
The shadowy world of cyber- crime is increasingly infringing on the real one and businesses’ most dangerous enemies are lurking just behind the computer screen.


I


n this uncertain and dangerous world, it can feel like there is nothing an organisation can


do to avoid a malicious attack but there is always a resistance front and we are going to share with you the advice that could save your business.


There are signs that the Internet might break up into national segments. Snowden’s revelations have intensified the demand for rules prohibiting the use of foreign services. Individual countries are becoming reluctant to let a single byte of information out of their networks.


These aspirations will grow ever stronger and legislative restrictions will inevitably transform into technical prohibitions. The next step will most likely be attempts to limit foreign access


to data inside a country. As this trend develops further it may lead at some point to the collapse of the current Internet, which will break into dozens of national networks. The shadowy Darknet will then be the only truly world-wide web.


In the meantime, businesses continue to face attempts by cyber-criminals to access and steal data from their organisations. While it’s easy to read the headlines and draw the conclusion that targeted attacks are a problem only for large organisations that maintain ‘critical infrastructure’ systems, any organisation can become a victim. All organisations hold data that could be of value to cyber-criminals; and smaller organisations can also be used as a ‘stepping-stone’ to reach larger companies.


Most malicious programs are designed to be as unobtrusive as possible, quietly gathering data in the background. This makes them much more insidious than the cyber-vandalism of the 1990s. The financial impact of malware today is much harder to determine, because a victim may not even know that they have been infected, or what data may be have been stolen by the cyber-criminals. Most


attacks are speculative – designed to trap anyone unlucky enough to fall victim to them but it’s clear that the number of targeted attacks is increasing. The aim is get a foothold in a target company, steal corporate data or damage a company’s reputation. Also, we’re now in an era where malicious code can be used as a cyber-weapon: and while an organisation may not be in the direct firing line it could become ‘collateral damage’ if it isn’t adequately protected.


Therefore, it’s important to invest in security, which means developing a security strategy. But it should be one that’s specifically tailored to your business, not one based solely on a generic ‘best practices’ template or loose ‘guesstimates’ about the overall cost of cyber-crime. What’s important is gauging how malware has impacted your business historically and how it might do so in the future. It’s also important to realise that security is like housework – it’s only meaningful if you repeat the process at regular intervals. So you need a mechanism to measure the effectiveness of the security tools you use and you need a process for updating the strategy to meet new threats as they arise.


The future of


22 © CI TY S ECURI TY MAGAZ INE – S PRING 2014


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40