It takes a thief: Why we need to keep pace with the tempo of cyber crime

11th September 2019

Charlie McMurdie
Cyber Crime & Security Expert

Cyber criminals move fast.

They are constantly changing tack – experimenting, challenging and, in their own malign way, innovating.

They thrive on finding unexplored exploits and securing the bragging rights that go with them. As a result, new breaches, vulnerabilities and vectors of attack seem to sprout up every week.

Adapting to and anticipating an attacker’s next move is one of the biggest challenges facing today’s organizations. But corporate security teams struggle to keep up. While attackers can adapt quickly, businesses can’t suddenly uplift their security postures, their capabilities, their defenses or security budgets.

When I was head of Scotland Yard’s Police National Cyber Crime Unit, it was apparent that the only way to overcome the wave of cyber crime engulfing UK businesses was to try and match the speed, ingenuity and tempo of the methods used to commit felonies. We needed to get better at reading the cyber criminal mind and build adaptable defenses that were as nimble and multifaceted as the exploits used to attack them.

Raising the visibility of suspicious network activity is one of the cornerstones of a fast-reacting cyber security capability.

The need for improved cyber agility

Cyber criminals are very adaptable in what they do. They can change attack vector or redirect to a different part of the network if they find their first entry point well secured. The speed at which bad guys can move is very difficult for industry to emulate: the speed required to change defenses and respond to the different threats that are out there.

Cyber security in today’s business environment

Cyber is an integral part of everything that business does. Historically there was a time when security was something dealt with by IT teams working in the basement, but I think we’ve moved on from there. Cyber has become an enabler for business development; promoting an organization for its level of security and cyber security awareness is now a common way to differentiate.

Mitigating the insider threat

I think one of the biggest security challenges we face is around awareness and training. Through error, negligence or those rare cases of malevolence, staff have the access needed to wreak havoc on the network. How do you make sure your staff are doing the right thing? With so many people bringing their own device, or working from home, defining the perimeter and making sure everyone connected has an appropriate level of security is getting harder.

To catch a thief…

Cyber criminals are constantly testing, trying out different ways of attacking or stealing whatever they want to steal. I think one of the big things for organizations is to constantly test their security strategy and incident response; their understanding amongst their staff; their response from their tech teams; their response from the person who’s going to stand in front of the camera when a breach happens.

When I joined the police force back in 1981, life was very different. Society has changed and technology has changed – so has organized crime. When the internet took hold, criminals were quick to see the opportunities for fraud and theft. We had to change the model of policing in response. Businesses need to keep evolving their own security strategies to improve their adaptive defense capability.

View our full interview with Charlie as part of our Security Begins Here series.