Cyber security

'Every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised, or will be shortly'.
Operation Shady RAT by McAfee: (August 2011)

It is true that we have seen theft of intellectual property on a massive scale
Director of GCHQ

…The threat is a real and credible one… and it’s not going to go away- Director of GCHQ

Cyber-crime is one of the fastest growing areas of illegal activity world-wide, due to the relatively low costs involved for the perpetrators with massive potential returns, driven by the global nature of the internet.

As the Director of GCHQ recently noted: Cyberspace lowers the bar for entry to the espionage game, both for states and for criminal actors.

Whilst Governments and international agencies wrestle with the jurisdictional challenges of identification and prosecution of cyber- crime, and look to create greater trans- national cooperation; commercial and governmental agencies remain vulnerable to attacks, particularly in the current economic climate.

Recent research indicates that the economic downturn is creating a significant number of technical experts and business ‘insiders’ who are exploitable by ODCs (Online Digital Criminals). Cyber- crime and espionage are low cost/ high reward activities.

“…the threat of computer network intrusions is the most significant threat we face as a society, other than weapons of mass destruction”.
Shawn Henry-
former executive assistant director- FBI

All of this leads to the inescapable conclusion that any organisation’s Cyber Security is not simply dependent on spending more and more money on technological solutions- ‘A ‘Maginot Line’ approach to (cyber) defence will not be sufficient of itself!’– Bill Lynn, US Deputy Secretary of Defence

A far more holistic approach is needed to identify and defend against the problem. In the first instance it is essential to understand the problem. There needs to be an acceptance that this problem is not going to go away, that this is a business risk, not at IT issue.

Add to this the changes now in process from IPv4 to IPv6 (There is no ‘do nothing’ option) and the reality that this will open up new attack vectors, now is the time to be putting cyber security strategies in place-

The ECA team are acknowledged experts in helping organisations identify and defend themselves against cyber and other forms of intrusion and theft of Intellectual Property in the most efficient, proportional and cost effective manner.

The business strategy of Detect and Deter cyber- risks is far superior to conventional Fail/ Fix.

Back to main Cyber Security Assurance page