As with previous years the threat of cyber-crime is continuing to grow. International business and technology consulting firm BAE Systems Detica believe there are five main priorities for organisations wanting to counter the threat this year.
1. Combating the convergence of cyber-crime and financial crime
BAE Systems Detica believes that the single biggest issue that will hit organizations in 2014 will be the rise of digital criminality as fraud becomes increasingly cyber enabled. This will see digital-savvy criminals using cyber and fraud techniques simultaneously to carry out far more complex crimes than previously seen.
Cyber enabled financial fraud will be the cutting-edge of financial crime in 2014 and financial institutions, such as payment and card processors, who are under-sustained and sophisticated attack will need to seek greater integration of cyber and fraud functions internally to counter the threat. BAE stated that those who join up their understanding of cyber-attacks and fraud will be successful and failing to do so will see other incur major losses.
2. Understanding the coming of age of intelligence-driven security
Crowd- sourced behaviour will boom in 2014 across the cyber defence realm according to BAE. The organisation expects to see a significant shift towards intelligence-driven security.
“Leading organisations will seek greater value from the sources available to them, looking to build efficiencies through technology and common language. Operationalising intelligence will be a key theme, as well as well as understanding the value that the distinct and varied information sources add. We expect that organisations which can truly integrate security intelligence into their processes will be those who see the benefits most. Focusing on the threats which are pertinent to each organisation will yield superior defence as well as enhanced awareness across the business community.”
3. Handling the transition from espionage to sabotage and increasing attacks on Industrial Control Systems
Cyber attackers are often able to act with far more agility than defenders, therefore, in 2014, BAE believes that there will be an increasing trend towards cyber sabotage, with attackers seeking to have a direct and overt effect on organizations and nation states’ critical infrastructure.
“Traditionally, industrial control systems operated stand-alone and there has been limited opportunity for remote attack. However, there is an increasing trend towards hyper-connectivity of such systems in order to drive operational efficiencies. This is essential for organizations to survive and grow in the modern world. But, it provides a new opportunity for sabotage to be conducted remotely and deniably through cyber space. Internet-connected industrial control systems will be under threat as hackers attempt to compromise the operation of power, utilities, water treatment and manufacturing plants. 2014 will be an important year to see how business and nation states alike can implement security measures to counter the increased threat of sabotage.”
4. Facing the collision of mobile threats and enterprise security
Attacking mobile devices is rapidly becoming the new normal. This is happening at a time when enterprise environments are becoming increasingly reliant on mobile devices. According to BAE the security implications are still unclear but they anticipate this intersection of an active threat space and corporate networks will result in further incidents on a par with more traditional cyber-attacks.
“Whether this is disclosed widely and becomes a wake-up call to employers’ remains to be seen – many serious incidents are never reported and many more still undiscovered.”
5. Tackling the growing shift towards identity crime
Identity-based fraud crimes are becoming more common and BAE states this has been bolstered by the cyber-enabled theft of customer data. They anticipate an increasing part of payments and card fraud will be driven by identity-based schemes that use stolen and synthetic identities to take advantage of financial services firms’ push to acquire customers.
While it presents a complex problem for financial services firms that extends beyond transactional fraud to a network analysis challenge, as identify theft is typically perpetrated by coordinated gangs, 2014 will see a concerted effort to combat identity crime.
