Oct 02 2015

Cyber crime costs the global economy $445 billion a year

Category: cyber security,CybercrimeDISC @ 3:06 pm

by 

A new report – A Guide to Cyber Risk: Managing the Impact of Increasing Interconnectivity – reveals that cyber crime costs the world $445 billion annually, with the top ten economies accounting for more than 50% of the costs. Since 2005 there have been 5,029 reported data breach incidents in the US alone, and at least 200 breaches in Europe involving 227 million records.

It is estimated that the average cost of a data breach is $3.8 million, which is up from $3.3 million a year earlier.

AGCS_Cyber_Crime_full

Source: A Guide to Cyber Risk: Managing the Impact of Increasing Interconnectivity, Allianz Global Corporate & Specialty (AGCS)

Cyber risks are underestimated

Published by Allianz Global Corporate & Specialty (AGCS), the report warns that “cyber risk is the risk most underestimated by businesses” and asserts that “everyone is a target”.

73% of respondents who took part in an Allianz Risk Barometer 2015 believe that underestimation of cyber risks is preventing companies from being better prepared for them. Other hindrances include budget constraints (59%), failure to analyze the problem (54%), IT infrastructure that is too sensitive for major changes (30%) and failure to identify the right personnel (10%).

The US shows higher levels of awareness of cyber risk due to having tougher legislation than other countries. The majority of US states require companies to notify individuals of a breach. Europe is heading in the same direction, with the European Union (EU) currently reviewing its data protection law and planning to introduce more stringent rules in terms of data breaches.

Data shows that cyber attacks are becoming more frequent and sophisticated. The number of detected cyber attacks was up by 48% in 2014 according to the Global State of Information Security Survey 2015.

In order to protect themselves from breaches, businesses should identify key assets at risk and make decisions as to what risks to accept, avoid, mitigate or transfer.

Future cyber risk trends

The AGCS report makes predictions that businesses will be increasingly exposed to risks from the supply chain and that we are yet to witness “a major cyber event of truly catastrophic proportions”.

Jens Krickhahn, practice leader, Cyber & Fidelity at AGCS Financial Lines Central & Eastern Europe, explains:

“Business exchanges with partners are increasingly electronic.

“Even if a company is confident in its own IT controls, it is still exposed to cyber risk through its business partners, contractors and supply chains.”

The Internet of Things (IoT) is seen as one of the biggest factors that will change the face of cyber threats leading to interconnected risks. It will exacerbate vulnerabilities, bringing increasing potential for physical loss and data breaches.

ISO 27001 and cyber risks

Management of information security risks is at the core of the ISO 27001, the international standard that sets out the specifications of an information security management system (ISMS).

ISO 27001 requires compliant organizations to carry out risk assessments based on agreed criteria. The outcome of the risk assessment should enable the business to balance expenditure on controls against the business harm likely to result from security failures.

Download IT Governance’s free green paper, Risk Assessment and ISO 27001, to learn more about managing cyber risks.


Tags: cyber attack, cyber criminals, cyber security, cyber threats, Cyber-warfare, Cybercrime


Mar 28 2014

How organization can handle cyberthreats

Category: cyber security,CybercrimeDISC @ 12:13 pm

CyberActivisim

CyberWar, CyberTerror, CyberCrime and CyberActivism

Successful cyberattacks can damage your organization, no matter who is behind them

The goals of the cyberterrorist, the cybercriminal, the cyberactivist and the state-sponsored hacker may not be the same – but the outcomes can be equally devastating. Each can cause serious challenges for your organisation, ranging from information theft and disruption of normal operations to loss of reputation or credibility.

Cyber security is much more than technology

Many books on cybersecurity focus on technical responses to these threats. As important as this is, human fallibility and other known vulnerabilities will still allow hackers to easily break into a system that has not taken account of these factors.

CyberWar, CyberTerror, CyberCrime and CyberActivism encourages cybersecurity professionals to take a wider view of what cybersecurity means, and to make the most of international standards and best practices to create a culture of cybersecurity awareness within their organizations that complements their technology-based defences.

A cyber aware workforce equals better security
This second edition takes a deep look at the changing threats in the cyber landscape, and includes an updated body of knowledge that describes how to acquire, develop, and sustain a secure information environment that goes beyond technology. This enables you to move towards a cyber aware organisational culture that is more robust and better able to deal with a wider range of threats. Related references, as well as recommendations for additional reading, are included at the end of each chapter making this a valuable resource for trainers and researchers as well as cybersecurity practitioners.

Pre-Order this book today and see how international standards can boost your cyber defences. (download – Adobe, ePub, kindle)

About the author
Dr Julie Mehan is the Founder and President of JEMStone Strategies and a Principal in a strategic consulting firm in the State of Virginia. She has delivered cybersecurity and related privacy services to senior commercial, department of defence and federal government clients working in Italy, Australia, Canada, Belgium, and the United States. Dr Mehan is also an Associate Professor at the University of Maryland University College, specializing in courses in Cybersecurity, Cyberterror, IT in Organizations and Ethics in an Internet Society.

Comprehensive Cyber Security Risk Management Toolkit

 

Tags: CyberActivism, Cybercrime, CyberTerror, cyberwar


Jan 25 2013

An Introduction to Hacking & Crimeware

Category: Cybercrimedisc7 @ 11:33 am

ITG Pocket Guide for An Introduction to Hacking & Crimeware is concise subject focused and easy to read. Whether used as a training aid, induction material or just as further reading they offer powerful and valuable insight.

Defend your business, protect your livelihood, safeguard your future.

Cybercrime is on the rise. Unchecked, it could destroy the entire global cyber infrastructure and wipe out many businesses. We need to defend ourselves against it, and we must fight back. Toolkits to create malware are now readily available to anyone wishing to defraud and do damage. For your business to survive and thrive, it is vital to stay informed about the threats and the risks, and arm yourself against them.

Know your enemy

An Introduction to Hacking & Crimeware is a comprehensive guide to the most recent and the more serious threats. Knowing about these threats will help you understand how to ensure that your computer systems are protected and that your business is safe, enabling you to focus on your core activities.

Fighting back

In this pocket guide, the author:
• defines exactly what crimeware is – both intentional and unintentional – and gives specific, up-to-date examples to help you identify the risks and protect your business
• explores the increasing use of COTS tools as hacking tools, exposing the enemy’s tactics gives practical suggestions as to how you can fight back
• provides a valuable list of up-to-date, authoritative sources of information, so you can stay abreast of new developments and safeguard your business.

An Introduction to Hacking & Crimeware: A Pocket Guide (ITG – Softcover, Adobe, ePub, Kindle)

An Introduction to Hacking & Crimeware: A Pocket Guide (eBay)

An Introduction to Hacking & Crimeware: A Pocket Guide (Amazon)

Tags: Commercial off-the-shelf, Computer crime, Crimeware, Cybercrime, eBay, Hacking & Crimeware, Hacking tool