The City of London police commissioner Adrian Leppard recently spoke at an industry conference where he said that incidences of cyber crime are significantly underreported to police, with only 20 percent of cases being reported. Leppard blamed unwillingness by organizations, particularly banks, to report breaches, a lack of police capability to respond, as well as the international nature of cyber crime. Leppard insisted that the way cyber crime is dealt with needs to fundamentally change as the traditional police approach to crime of gathering all the details to understand what has happened before dealing with it does not work when it comes to online threats.
What Adrian Leppard has said rings very true for those of us working to tackle cyber crime at the front line. While his comments mainly call for a change in the way the authorities deal with the investigation of threats, organizations themselves should also take heed of his warnings. Cyber criminals don’t care about a couple of firewalls or other point security solutions—they can, and will, easily get past them. Attempting to prevent a breach has therefore become relatively futile, and instead focus needs to be placed on identifying and dealing with threats as quickly as possible.
Every organization in every industry is at risk. Anyone reading the news recently will know this—from bugs in software, to malicious insiders, as well as outsiders, the cyber landscape has become incredibly treacherous and requires a dedicated and long-term strategy to safely navigate. By reducing the amount of time it takes to detect and respond to the breaches businesses have a far greater chance of containing any damage. We need to make everyone aware of the fact that the time between detection and response is when they are at their most vulnerable, and without a strategy in place to effectively and efficiently deal with the problem, the consequences could be far reaching.
As such, businesses need to take an intelligent approach to security, ensuring that they are continuously monitoring their networks so that they can identify and deal with any threats as soon as they arise. With so much data now crossing networks, security teams can struggle to distinguish the good from the bad and adopting a security intelligence model is the only way to see the wood from the trees. The authorities can only work with what they are given, and every organization needs to give them a helping hand by ensuring they have the right systems in place to limit the threat at the source.