Anyone who studies the activities of organised cyber crime groups cannot fail to be impressed by their creativity, innovation and adaptability. Cyber criminals are applying to online fraud the kind of resources and effort once associated with the narcotics trade. They have created a low-cost business model targeting an endless sea of possible victims across the internet, which is yielding hundreds of millions in revenue every year.
Banks and financial institutions are well aware of the risks posed by malicious cyber activity. However, because most of this activity takes place in underground forums, few institutions recognize how rapidly the threat environment has evolved. And risks are growing. In the past year, the number of accounts compromised by credential theft and fraudulent transactions tripled. Losses from account takeovers topped $5 billion in 2017, according to the research firm, Javelin, up 120% from the previous year.
All companies are vulnerable to cyber attack, but none more so than small and midsize businesses (SMBs) that are generally less well-defended and have fewer resources to make up the gap. For these reasons, they have become a favorite target of cyber criminals. In 2017, almost two-thirds of all cyber breaches targeted small businesses, up from 53% in 2016, according to the Verizon Data Breach Investigations Report.
In the engine room of any company, new regulation tends to be experienced as a burden, not an opportunity. But the new EU data protection laws which take effect in May offer Boards the chance to bring about a fundamental shift in corporate attitudes to the use of data and to cyber security. The leadership of companies can use GDPR to understand their own business better, to the benefit of their own digitization projects, as well as their security and reputation. Nor is this shift stopping at the borders of Europe; it will have a significant impact on any company doing business in or with the EU, and affect much of its supply chain.
Family offices, private equity firms and small to midsize financial services organizations hold special appeal for cyber attackers. They give criminals potential access to large sums like at big banks and institutions, but often lack the same well fortified defenses. In 2017, almost two thirds of all cyber breaches targeted small businesses, up from 53 percent in 2016, according to the Verizon Data Breach Investigations Report.Read More
Anticipating attacks, responding to them in real time, setting traps to contain them, and protecting assets according to their value can help companies stop sophisticated cybercriminals.Read More