Hackers also have financial reports and quotas :)


“Chief Hacking Officer: Yevi, how are you doing with the London bank hack?”

“Yevi: I think we are fine; we should have something by Friday.”

“Chief Hacking Officer: What? You did this hack two weeks ago!”

“Yevi: Yes, well, I hope it’s okay. Security is a bit difficult inside.”

“Chief Hacking Officer: Then you should never have committed to this hack.”

Dr. Yaniv Harel, Senior Vice President Cyber Defense at Sygnia, was speaking at a conference on the future of cyber and fintech in Israel:

“We recognize an increase in the concentration and effectiveness of attacks. Today, hackers work in shifts and act like a business organization for all intents and purposes to bring return on investment to their efforts.”

Have global companies ever looked at the monthly losses suffered by cybercriminals and hackers? Has Gartner or Forrester considered doing an ROI or ROA from the cybercriminal’s perspective?

Our industry may be asking the wrong question. We shouldn’t focus so much on the organization’s ROI or ROA around security spending; we should consider for a moment that every significant security awareness training, every adaptive control and every security policy makes the task of “being hacked” even more expensive for cybercriminals.

Businesses around the world, for-profit and not-for-profit, all operate under some form of financial system. Each system reports monthly income, donations, expenses, and capital purchases. When a business generates less revenue than it spends, it incurs a loss. In months when it brings in more income than expenses, it walks away with a profit. Some organizations will reinvest profits in capital purchases to increase revenue and profit margins. I wonder if hackers live by the same financial model? Are these groups investing in cybersecurity by acquiring tools and talent similar to global organizations? Yes. Many of these tools and skills can be found on the darknet.

According to the IBM Cost Per Breach report for 2019, the average total cost of data breaches increased from $3.86 million in 2018 to $4.24 million in 2019. Organizations with a more mature security posture tend to have lower breach costs and better risk management than those without. No single investment in cybersecurity will prevent all cyberattacks or reduce the scale of a cyber incident. Spending on cybersecurity tools, security personnel, upgrading the security operations center, and security awareness training is an aggregation of efforts to reduce the overall risk position of the organization. The growth of the cybersecurity landscape and organizations’ digital transformation projects have driven the need for higher cybersecurity investment priorities.

Ransomware attacks, phishing attacks and business email compromises continue to affect businesses more frequently than a year ago. Both the cybersecurity budget and off-budget cybersecurity spending affect the profits of organizations. As the cyber threat landscape continues to evolve, CIOs will attempt to increase their cyber spend with multiple lines of defense within the environment to minimize the damage from breaches.

I had the displeasure of meeting a global hacker on a trip to Taiwan in 2016. While staying at the Taipei Marriott, I noticed a youngster sitting in the rooftop executive lounge. How he got there, I have no idea. As I was working I kept hearing a clicking noise coming from this guy’s direction. Eventually I got up to get some more coffee and made a straight line to that table. He was taking pictures of my computer screen. He seemed very calm as I approached him. “Hey, if you want a better one, you might want to come sit in my chair.” The kid didn’t blink. I just smiled and went back to my seat. Moments later, the kid sat down at my table with a view of Taipei.

“Can I take a picture of your laptop?” asked the kid. Smiling, I said, “Sure, let me close everything first.” Looking defeated, the kid looked at his feet in dismay.

“Listen, you wanted to see something on my laptop; what is it exactly you are looking for?” I asked. After a few moments, the kid finally answered. “I was sent here to steal information from foreign computers.” I nodded without much surprise. “… money and I have nothing. Someone told me they would pay me if I could recover pictures from a foreign businessman’s computer.”

I opened my laptop and let the kid take some pictures. I even told him that my password was “admin123”. Of course he wrote it down.

The kid looked at me: “I have no life; it is all I have.” He then explained how this hacker outfit worked.

“I have a territory given to me by my boss. I have a technology park in the west and south of Taipei. I go into companies looking like a delivery driver or food delivery courier. The guards let me through because they think I’m only here to bring food and flowers. Every week I have to commit to stealing a lot of information and credit cards. My boss holds a weekly meeting with all the team members. He reports everyone’s total hack money for the week to someone in Shanghai.”

At that point, my head started spinning, thinking I was back in a regional sales forecast call at Cisco Systems.

“Many businesses are difficult to break into. My boss gives us a few dollars for food and rent a week. If we don’t make money hacking and stealing, our boss and his boss are losing money!” I gave the kid a rough look. “We have bosses, quotas and rent to pay.”

After this young man left, I started thinking about how security professionals can turn the tide against hackers.

Thinking about the moment in front of a client CFO asking, “What’s the return on investment here if I buy your security product?”, I realized that our industry viewed security spending incorrectly.

Yes, denial of service attacks, high-profile incidents like account takeover, and other cybersecurity issues will happen. Organizations face a global talent shortage for their cybersecurity teams. Security breaches cause predictable financial damage to the organization; in many cases, more than the amount spent on network security, cloud security, and artificial intelligence combined. The information security officer has multiple responsibilities to the organization, including protecting the security of all company assets and resources. The CISO also defines the executive security standards and the cybersecurity functions that the organization will deploy, and aligns them with all business priorities. Faced with all manner of risks, including zero-day attacks, network security equipment failures, and ongoing cybersecurity threats from criminals around the world, the CISO must place those security investments where they will have the greatest impact on the organization. Not every potential cyber threat or event can be protected against. The CISO relies on security intelligence from third-party resources and security organizations to gain insight into threats and their severity level. The security office also analyzes the cost of cybercrime to the organization as a benchmark for investment and strategy.

Like any other global company or organization, I’m sure hackers have expectations of payroll, expenses and income. Suppose for a moment they decide to hack into a bank looking to steal credit cards or bank transfers. If the bank has recently invested in additional training and technology, as well as a 24/7 managed service, will this make it more expensive for the cybercriminal to hack? What happens to their ROI if the cyberattack fails? How much capital expenditure did the hacker bosses have to shell out for this hacking event?

Every dollar spent on cybersecurity makes it more complex and costly for cybercriminals to execute their plan.

During their “due diligence,” as their hacking teams conduct their reconnaissance, they determine that access will be more difficult and take longer. Along with being more aware of the risk of getting caught, they will consider moving on to an easier target. This alone could explain to the CFO and CEO why cybersecurity continues to be a high priority in the organization.

Until next time,

John
