In the early 1970s, a former air force radar technician living in California discovered that the promotional whistle included in boxes of Cap’n Crunch cereal generated a tone that he could use to make long distance phone calls for free. So he did.
His name was John Draper, and his whistle exploits are often credited as the first case of cybercrime. His actions brought to light a very real need for a new kind of vigilance in technological commerce, and as it turns out, an entirely new industry.
Estimated to be a $200 billion a year business, its impact is universal – touching the private and public sectors as well as individual consumers. Even the $200 billion estimate could be low, as tracking spending has become almost as hard as curtailing cybercrime itself.
According to Cybersecurity Ventures, it is estimated that losses due to cybercrime outpace spending to protect against it by a factor of 6. That would mean a staggering $1.2 trillion is lost every year.
In an age when data can be currency, both figuratively and literally, organizations thoroughly protect themselves from cybercrime as a necessary part of doing business – just like they would hire an armoured car service in the past, right?
Unfortunately, that’s not always the case. The ubiquitous nature of today’s sprawling electronic highway makes identifying the lines of responsibility blurry at best and impossible at worst. Many CEOs and business owners choose measured approaches – balancing risk with cost and efficiency. With high profile cyber-attacks on the Pentagon and routine warnings about the susceptibility of transit systems and the electric grid, often the perception in the private sector is that responsibility for cybersecurity falls disproportionally to the public sector.
Forbes reported in their March 2018 article, “Cybersecurity By The Numbers: Market Estimates, Forecasts and Surveys,” only 36 per cent of senior IT professionals say their leadership see cybersecurity as a strategic priority. 68 per cent of cybersecurity professionals say their CEO demands DevOps and security teams abstain from anything that slows business down.
Those statistics, and the fact that in most countries government collaborates with private businesses through contract work, making cybersecurity tantamount to national security – have many fearing the worst.
- Computer and Network Intrusion
According to the United States Federal Bureau of Investigation, billions of dollars are lost every year repairing attacks that take down systems or disrupt them. Data breaches have become a daily occurrence and even the largest organisations are not immune. The personal information compromised by these attacks can affect hundreds of millions, as in the recent cases of Equifax, Adult Friend Finder and eBay.
The attacker uses a form of malware to encrypt files and then demands a ransom to release them. Ransomware largely accounts for the epidemic levels of recent cybercrime. Europol (The European Union Agency for Law Enforcement Cooperation) emphasised the seriousness of the threat in their annual report for 2017 and pointed to attacks such as ‘WannaCry’ that affected millions of computers.
Unsurprisingly, the FBI has a pretty good idea who is behind the cybercrime. From the FBI’s official government website:
“It runs the gamut – from computer geeks looking for bragging rights…to businesses trying to gain the upper hand in the marketplace by hacking competitor websites, from rings of criminals wanting to steal your personal information and sell it on black markets…to spies and terrorists looking to rob our nation of vital information or launch cyber strikes.”
One factor contributing to the escalation and expansion in online crime is the growing sophistication of the cybercrime community. Criminal groups are working together like never before, carving out their own sub-niches in the cybercrime marketplace, and offering sophisticated illegal services for profit.
The New Players
A sizable chunk of the estimated $200 billion a year spent on cybersecurity is going to someone, but the “who” has very recently changed in a big way. Once practically a cottage industry of anti-malware, virus and firewall companies on national or even regional levels, the new players in cybersecurity are heavyweights poised to elevate the industry far beyond cottage status.
Amazon, Apple, Cisco, Dell, Facebook, Google, IBM, Intel, and Microsoft to name a few, are either enthusiastically entering the cybersecurity industry, or actively attempting to grow their stake in it. The interest of these goliaths confirms what experts have been trumpeting: cybersecurity is currently the fastest growing tech sector.
In 2018, there’s a very good reason.