Cybercrime is not just a technology problem; it’s a people problem. People are not peripheral to the process, but central to it. Cybercriminals actually teach us the importance of good defense in response.
They teach boards the importance of security. But what other things do cybercriminals teach us all? What lessons might we draw from the cybercrime marketplace?
The proliferation of Internet of Things devices grows at an astonishing pace, and those who have the funding or executive support may fare better than the poor, overworked system admins and developer teams whose plates are brimming with demands for design by function over security form.
To become profitable, cybercriminals have applied to the criminal world the same market dynamics that operate in the business world.
Your platform and your service need to be valued. It should be easy to use, trustworthy and easily accessible. Criminals have realised that it is all about the user experience.
In this presentation, Narelle Devine, CISO APAC at Telstra, highlights this key message: cyber security professionals need to meet users where they are, and CISOs should be the collective enablers.
Security that comes at the expense of convenience ultimately comes at the expense of security.
Key Takeaways:
- The costliest part of a breach can often be the recovery.
- What began life in the eighties as a niche group of hackers and I.T. enthusiasts looking to explore holes in technology has morphed into a conveyor-belt industry of industrialised cybercrime, where those with the requisite skills, knowledge and resources rent these attributes out to other criminals for nothing more than a fee.
- Training humans not to make human decisions is not the answer. We should continue to develop processes and controls that account for human error because humans make mistakes.