Adopting the Attacker’s MO: The Ideal Cybersecurity Defense

Corporates in the region clearly prioritize cybersecurity – by 2020, Asia-Pacific will have splurged US$22 billion on critical security infrastructure according to ABI Research – yet, they are becoming more susceptible than ever to cybercrime. Cyber-attacks cost enterprises in the region a whopping US$81 billion last year, nearly one-third of global costs (The Grant Thornton International Business Report, 2015). Furthermore, recent high-profile attacks on highly lucrative banks and companies in Japan, Bangladesh, Thailand the Philippines, Taiwan and Vietnam suggest revenue losses amounting to tens of billions of dollars. Although cybersecurity now sits at the top of the boardroom agenda and enterprises are clearly spending copious amounts on it, why is it not paying off? Why are they struggling to keep pace with the efficiency of the dark market?

Uncovering core weaknesses

A major part of this stems directly from our dependence on digital technology. As organizations deploy more sophisticated technologies to catalyze improved performance, this creates new vulnerabilities that criminal groups are quick to take advantage of and monetize. Every day of every year, new vulnerabilities are being identified and exploited with breath-taking rapidity.

Furthermore, the digital crime market is a highly sophisticated system in which attack tools are constantly developed and sold to criminals, supported by high levels of R&D spend. The methods used by the criminal entrepreneurs who operate in this market are always changing, and this very agility makes it extremely difficult for legitimate businesses to keep pace.

Organizations are also suffering from outdated, emotional and sometimes impulsive buying behavior when it comes to security investment. The attitudes across companies also reflect this sentiment – few can confidently say they are doing enough to prevent attacks. When asked about measures to combat security breaches perpetrated by organized crime, majority (78%) of respondents were not fully prepared, according to Taking the Offensive, BT and KPMG’s 2016 research report.

Taking the fight to the attacker

To be simply defensive, i.e. putting up security barriers to keep criminals out, is a good start but far from sufficient. Businesses need to be proactive, and learn how to counter the many-headed Medusa of cybercrime through deploying criminals’ modus operandi against them. There are three ways in which organizations can do this:

1. Think like a criminal

Organisations must learn to view business as a criminal would, and start gathering intelligence on the changing criminal tactics and new threats. Cybercrime is no longer a technical issue for the security team alone; senior executives must create a closer working relationship between security and fraud control teams to detect and block patterns of cybercrime. They must also plan and exercise cyberattack scenarios to educate the entire organisation and streamline the response process.