Threats Are Omnipresent But You Have Options

By Patrick McGlone, Director of Communications, Global Resilience Federation

SINGAPORE- 11 June, 2019- The think tank Center for Strategic and International Studies puts the cost of global cybercrime at the equivalent of nearly S$819 billion per year. It estimates that up to a third of that cost is borne by East Asia and the Pacific, the highest of any region analyzed.

Singapore, meanwhile, boasts a GDP within the top fifty nations, worldwide. This economic success makes it a target for cybercrime in an area already heavily impacted. In addition to financial motivations, its government and businesses must contend with the typical political and economic espionage, hacktivism and other computer-related criminal acts common in a growing cyber threat environment.

The Cyber Security Agency of Singapore reported for 2017:

  • 2,040 website defacements

  • 23,420 phishing attempts using Singapore URLs

  • 750 Command and Control (C&C servers)

  • Daily average of about 2,700 botnet drones with Singapore IP addresses

  • 25 cases of ransomware reported

  • 5,430 cybercrime cases reported

  • Annual growth in cybercrime from 15.6% to 16.6% of total crimes

To meet this challenge, companies are spending enormously on training, security tools, cyber insurance and mitigation consultants. And they often defend themselves independently, occasionally working with law enforcement. However, in a growing number of industries there are now collaborative communities for businesses to exchange security information, for mutual defense.

Just as we see threat actors working collectively, obtaining malicious solutions from forums and sharing criminal best practices with peers, responsible security professionals can also support each other.  

In the last few years there has been significant maturation in information sharing and analysis centers or ISACs. These bodies operate in a hub-and-spoke model in which members from a certain industry or region gather to share cyberthreat data to centrally located analysts, who enrich and disseminate intelligence back to the community.

In this model, businesses can engage to exchange security information on phishing campaigns, malware attacks, systems vulnerabilities or other threats in order to strengthen each other with indicators and prevent incidents before they can impact the broader group. These communities typically adopt rules to manage the dissemination of the information, allowing anonymous sharing to protect companies’ reputation.

Simply put, this is a cost-effective model for crowdsourcing additional security but among a vetted, trusted group of professionals with a common interest, using common technology and with supporting, independent analysis.

With impacted businesses spending an average of S$3.55 million as a consequence of malware attacks, it makes sense to band together. If responsible actors can make it harder for criminals to steal, manipulate or impact an industry or region, the financial determinations by criminal enterprises will shift. Even irresponsible nation-states operate on limited budgets.

Operating independently, many companies are a more appealing target with static security practices and information streams. By pooling data, best practices, analysis and warning, companies can gain a competitive edge that strengthens their security and in turn, their financial position and continued reputation.

To learn more about the power of threat information sharing within an ISAC, attend Global Resilience Federation’s workshop at the upcoming RSA Conference 2019 Asia Pacific & Japan:

Kunal Sehgal, Manging Director at GRF APAC will speak on Going Beyond Defence in Depth… Becoming Proactive!

Cyber threats are ever evolving. A typical organization is never short on the number of threats it faces and ends up playing a resource intensive catch-up game that is never ending. How could security operations be realigned to be proactive? How could intelligence be used to forecast and mitigate threats, even before they become a concern to the organization?

Cynthia Camacho, Global VP of Community Development at GRF will speak on Trust-Sourced Intelligence Sharing Against Pervasive Threats

The talk will outline the importance of government/private sector partnerships and how industry and cross-sector intelligence sharing can complement vendor feeds in protecting a company’s security infrastructure by leveraging a hub and spoke design. Also joining in the talk will be a representative from Cylance.

A free seat at the workshop is available with a Visitor Pass or register for a Full Conference pass for complete access to the 3-day conference.

Original blog source: https://www.rsaconference.com/blogs/threats-are-omnipresent-but-you-have-options

Pat McGlone