Your business faces many threats, both internal and external, digital and physical. The goal of this post aims to help you better assess the obvious and unseen risks to your business in the modern threat landscape. Research findings reveal a rapidly changing business environment; however, they also provide a framework for strategic discussions about modern security you may not have considered.
Danger, danger everywhere. It seems that every week another massive data breach or hack takes over the news. Millions, even billions, of personal information, emails and credit card numbers fall in the wrong hands. Cybersecurity attacks are more common than ever, from botnets and breaches, to viruses, phishing, malware, and ransomware. These crimes cost a fortune and inflict lasting reputational damage to the brands and institutions on whom we rely.
How much does cyber crime cost? Accenture’s 2017 “Cost of Cyber Crime Study” estimated the cost to an average business of $11.7 million.
Cyber crime represents the dark side of the digital revolution. Organized criminals have access to the same state-of-the-art technology. They use the cloud, mobile, encryption, AI, IoT, and all the other transformative technologies. They also have the means, the skills, the motivation and the opportunity to achieve their crimes. That same motivation compels them to innovate and evolve their tactics to avoid detection.
Accenture’s 2017 “Cost of Cyber Crime Study” reports that “Criminals are evolving new business models, such as ransomware-as-a-service, which mean that attackers are finding it easier to scale cybercrime globally.”
The Modern Threat Landscape
That brings us to the grim reality of the modern threat landscape: It’s global, complex, and extremely dynamic. While some cyber crimes have been around since the dawn of IT, new insidious threats constantly emerge as criminals respond to efforts to stop them by switching tactics from one day to the next.
A Moving Target
The 2018 Microsoft Security Intelligent Report, which tracks cybercrime globally, explains this “crime displacement” phenomenon.
When software vendors started improving their built-in security measures, criminals turned to social engineering efforts, like phishing and ransomware. When the market responded to these audacious attacks with “improved detection and education,” criminals quickly shifted gears and switched to other tactics, like cryptocurrency mining.
“The shift demonstrates the fundamentally opportunistic nature of most profit-oriented cyber criminals: they tend to chase the easiest money available, and when the economics of cyber crime change, they are quick to follow along.” - Microsoft 2018 Security Intelligence Report
Beyond Cyber Crime
Of course, businesses should not focus on improving their cybersecurity at the expense of other security layers, such as their physical security. Clever businesses embrace cloud services to plan for natural disasters, to ensure business continuity, and to preempt theft. But as a matter of common sense, businesses should consider real-world safety measures—like doors, window locks, an alarm system, and stairwell/parking lot lighting—as much as where they store their data and applications.
An identity-based layered security strategy can help you better defend every layer of your operations—physical spaces, equipment, systems, devices, networks, applications, data, privacy, you name it—from digital and physical, as well as internal and external threats.
A Layered Security Approach
Courtney Gibson, BioConnect’s Chief Technology Officer, explains: “The airlines use this fantastic ‘Swiss cheese’ model to approach layered security. They assume that it’s impracticable and impossible to have a single, perfect 100 percent failure-free or defect-free system. Every system they use has holes in it. But when you stack enough of these layers on top of each other the holes eventually disappear.”
Where to Start
You could get exhaustive technical training and join the ranks of cybercrime experts who track and analyze these crimes to develop technologies and practices to protect yourself from them. But that’s probably not practical. You could hire your own topnotch team of security experts to analyze and monitor your environment full time, but you will need a significant budget to do so.
Talk to the Experts
Ultimately, though, the best strategy to protect your interests, and those of your customers and employees, boils down to leveraging the expertise of security specialists. Ask your IT and operations team to share your narrative with us! Let’s look at the invaluable role biometric integrations can play in ensuring your company’s future success.
Know someone who needs to understand why you need to invest in better security? Get them up to speed by sharing this post.