Forty per cent of New Zealand organisations expect to experience cybercrime at some point over the next two years, according to PwC’s 2016 Global Economic Crime Survey.
However, 55% of them either don’t have an incident response plan for cybercrime, or they have one but it’s not yet operational.
Added to that, only 9% had a digital forensic investigator on their first responder teams, which would determine how effectively a breach was handled.
This disconnect was worrying, said PwC Forensic Services Partner Eric Lucas, who stressed that economic crime was a business issue, not simply an IT or accounting issue.
“In a fast-changing and digitally dependent market, many organisations are not well placed to avoid cybercrime attacks, or if subject to attack, respond to them.
“Only about half of boards ask for information regarding their organisation’s state of readiness to deal with cyber incidents,” he said.
The survey also revealed that the incidence of reported cybercrime among its respondents had climbed sharply this year, jumping from fifth to joint second place among the most reported types of economic crime in 2016 compared to the 2014 results.
Over a quarter of respondents (29%) said they’d been affected by cybercrime, with another 12% not sure whether they had or not.
While all industries were at risk, according to PwC’s Global State of Information Security Survey 2016, the sector registering the most significant increase in cybercrime activity in 2015 was retail.
Financial services was still one of the most attacked sectors, but had levelled out, with very little growth in terms of number of attacks over the last three years.
Lucas split cyber economic crime into two distinct categories:
- Cyber fraud – monetisable cybercrime such as identity and payment card theft;
- Transfer of wealth/IP attacks – eg theft of critical intellectual property, trade secrets, product information, negotiating strategies etc.
The five categories of threats were nation-states, insiders, terrorists, organised crime syndicates and hacktivists.
Another worrying statistic, said Lucas, was that 51% who said they were not victims had likely been compromised without knowing it.
“A concerning trend we have observed is that hackers manage to remain on organisations’ networks for extended periods of time without being detected,” Lucas said.
“Attackers also are known to stage diversionary attacks to conceal more damaging activity.”
When a breach occurred, it was important to remember that the principles of a criminal investigation still applied, he said.
“In focusing on stopping an ongoing attack and getting back on line, it’s crucial not to inadvertently destroy evidence that could help with that investigation and with preventing the next attack.”