State-sponsored groups are the behemoths of the threat landscape, with the largest pool of financial and technical resources. While their objectives in targeting government and commercial information are well documented, less obvious assets be targeted, such as human resource files. These attacker groups are proving that they can move at lightning speed, driving to achieve their objective before they are detected.
Until a few years ago Britain’s Government Communications Headquarters, or GCHQ, which has about 6,000 staff at its head office, was largely sealed off from the outside world, but that is changing rapidly. GCHQ is playing a central role in developing a cyber-security industry, in which Britain is one of the West’s biggest players, along with America and Israel. GCHQ has created sites where its experts can work with tech companies and Britain’s National Cyber Security Centre (NCSC) was set up in London in 2017 and has a national budget of £2.48-billion. The organisation also launched its Cyberfirst programme, which sponsors undergraduates to study for careers in the cyber-security industry.
Strong IT security will enable organisations to win customers and retain customer loyalty. Across several B2B and B2C sectors, from finance to pharma, recruitment to retail, having a trusted and provable security posture is an essential requirement for new customers to do business with an organisation. This has often been posited, but was recently proved in a survey by Vodafone where 90% of businesses said strong cyber security would help their reputation in the market, attract new customers, and improve customer loyalty. Put simply, better security leads to stronger sales and greater customer retention. Strong security will also give confidence to an organisation when expanding into new territories or markets. It is effectively a behind-the-scenes insurance policy and a detection and response program will relax restrictive preventative controls, increase productivity and reduce shadow IT. Encouraging encryption also helps ease spying concerns, since intercepting data would produce only gibberish. Networks should be defended in depth. Attempts to keep intruders out should be backed by monitoring to spot those that nonetheless get through, and systems designed to limit the damage they can do. Computer security, like all security, is about trade-offs, not absolutes and a well-handled security breach can actually boost brand equity
From the attacker’s perspective, cyber-enabled crime, be it fraud, theft or money laundering, is cheaper, carries lower risk and yet has the same, if not better, potential for reward than ‘traditional’ methods. As banks introduce more products and channels in a bid to grow, cut physical locations or compete, so will their attack surface increase. Banks no longer have a single front door for each branch, leading to a single vault, and the number of doors is increasing as banks add new services. Taking the long view, customers have gone from using a single bank book in a single branch to multiple branches, credit and debit cards, ATMs and phone banking through to internet banking and mobile apps. Midsize institutions must now consider the security on systems owned or controlled by customers and suppliers, and the data and access their systems hold on to. Interconnectedness on the system side. i.e. payment platforms, interbank transfer systems and the like, have also meant that an attack on one of these systems can have repercussions across entire economies and sectors.