Cyber Security Defence the Challenge
The Jasper International Academy Centre for Cyber Security Defence and Economic Crime Prevention Skills was established to provide courses, qualifications, training and consultancy to organisations in order to provide employees with the skills and knowledge necessary to minimise exposure to external and internal criminal cyber and fraud activity.
The outdated idea that cyber security can be managed and solved by IT specialists alone is as far from the truth as is possible. Understanding how IT departments function quickly makes you realise that the size of the task in protecting the business is not just a technology and network issue, the problem sits as a companywide and whole workforce initiative, and requires the breaking down of the natural internal silos that exist between departments and managers.
Cyber and economic crime is the scourge of the modern internet age where the quest to satisfy consumer and business demand for convenience through instant online transactions has also created new opportunities for unprecedented criminal activity as evidenced by news headlines on almost a daily basis.
The concepts of cyber-crime and financial crime share an unsavoury connection. Cybercrime basically refers to any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the ‘target’. Cyber-crime is often understood to involve the behaviours of ‘hackers’ and those who wish to do some kind of malice or harm by such a motive, and thus not necessarily for financial gain. This gives a narrow framework of explanation, but when we set this concept against financial crime, the issue suddenly explodes and runs along many pathways to connect with fraud and other financial crime in some form or another. Many so-called ‘traditional’ types of frauds are still committed, but with new cyber-tools of crime to do so.
Then, of course, is the fusion of the two of these concepts, whereby criminals will use hoax, impersonation and other con methods to deceive and make gains from victims with the interchange of computer use, in business and home environments, such as obtaining private data and bank details.
Hence there is an inevitable growth and overlap between Cyber-crime and financial crime such as a growth in fraud and money laundering.
Dealing with the Challenge
There are TWO MAIN AREAS involved in Corporate and Personal PROLIFIC SECURITY VULNERABILITY:
Technology, this is the EASY PART:
With the right hardware, software, encryption and penetration testing most systems can be made secure.
Human Factor CHALLENGING:
This is the high risk area, most organisations spend millions on the technology hardware, software, network forensics and monitoring systems but completely overlook that the main vulnerabilities and back-doors sit on the desktops of most of the day to day technology operations of the workforce.
For example spear-phishing emails often result in drive-by downloads, a silent malware download that takes place in the background without the user’s knowledge. Drive-by downloads are enabled by vulnerabilities in user applications like browsers or browser plug-ins, in Java applications, Adobe Acrobat and many others.
There are THREE AREAS in DEFEATING this GLOBAL ONSLAUGHT:
- Threat | Analysis
- Understanding | the Enemy
- Mounting | Your Countermeasures Effectively
And there are THREE Pillars for SUCCESS:
- Defend | Active Cyber Defence (ACD) is the principle of implementing security measures to strengthen a network or system to make it more robust against attack.
- Deter | Cyberspace is only one sphere in which we must defend our interests and organisational sovereignty.
- Develop | Sets out how you will acquire and strengthen the tools and capabilities that your organisation needs to protect itself from the cyber threat.