At the World Economic Forum in Davos in January 2014, McKinsey estimated that the worldwide cost of cyber-crime could reach up to three trillion US dollars by 2020. In addition to industrial espionage, this also includes data theft and abuse. Cyber-security experts in companies are particularly troubled by the increasing quality and quantity of cyber attacks. Even large corporations face a wide range of different risks. The Ponemon study “2013 cost of cyber crime” for the German market, for example, reports 1.3 successful attacks per week in each of the surveyed companies.
In addition to defence against possible attacks from the internet, perpetrators and negligent users within the company also pose a threat. Various studies suggest that approximately 15 to 25 percent of the attacks are launched by insiders. Traditional security tools like firewalls or virus scanners are useless in protecting against this. Defending against internet crime therefore also includes comprehensive analysis of internal risks and monitoring the integrity of critical data and systems.
Important rules for companies to observe:
- Involve staff members: Risks and benefits should be analysed and clearly communicated to achieve the required support and acceptance of new security precautions in the company among employees. Staff members should also be prepared through training sessions.
- Evaluate data: The data requiring special protection has to be defined. It is recommended that the various data types (credit card data, sales data, etc.) be allocated points according to meaning, frequency of use and user, and that an overall value then be determined from these points. If there is no particular reason for saving or transmitting certain data, it should be deleted.
- Keep an eye on existing data: If critical data is saved in different locations within the company network, it should be located on a regular basis. Data Loss Prevention (DLP) solutions can be used to automatically find, identify and label data periodically.
- Monitor the flow of data: DLP software can also help check and monitor the input and output points of data in the network to determine the endpoints at which data is being used and by whom. This should include printers, scanners, mobile devices and cloud services.
- Implement protective measures: Proactive protection measures such as “digital fingerprints” and encryption can help prevent the unauthorized disclosure of confidential documents in emails. Only authorized recipients holding the key can then read the information. Of course other safeguards such as firewalls and virus scanners should be implemented and checked on a regular basis. The log files of these programmes should be checked regularly for suspicious activities.
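The “digital fingerprint” and data-flow checks described in the list above can be illustrated with a small content scanner. The following is an added example written for this page, not code from any DLP product named here: it fingerprints a labelled confidential document as a set of hashed word shingles, measures how much of that document reappears in an outbound message, and separately looks for card-number-shaped strings that pass the Luhn check (the approach real DLP engines use to avoid flagging every 16-digit order number). The memo, the messages and the document name `pricing-memo` are constructed sample data; the card number is the well-known Visa test number, not a real account.

```python
"""Toy DLP content scanner: document fingerprints plus card-number detection (example code)."""
from __future__ import annotations

import hashlib
import re
from dataclasses import dataclass, field

SHINGLE_WORDS = 6  # words per shingle; shorter shingles catch shorter quotations


def normalize(text: str) -> list[str]:
    """Lowercase and reduce the text to alphanumeric word tokens, ignoring punctuation and layout."""
    return re.findall(r"[a-z0-9]+", text.lower())


def shingle_hashes(words: list[str], k: int = SHINGLE_WORDS) -> set[str]:
    """Hash every run of k consecutive words; the set of hashes is the document's fingerprint."""
    if not words:
        return set()
    if len(words) < k:  # very short text: fingerprint the whole thing as one shingle
        return {hashlib.sha256(" ".join(words).encode()).hexdigest()}
    return {hashlib.sha256(" ".join(words[i:i + k]).encode()).hexdigest()
            for i in range(len(words) - k + 1)}


@dataclass
class FingerprintIndex:
    """Registry of labelled confidential documents, each stored only as its shingle hashes."""
    docs: dict[str, set[str]] = field(default_factory=dict)

    def add(self, name: str, text: str) -> None:
        self.docs[name] = shingle_hashes(normalize(text))

    def match(self, text: str) -> dict[str, float]:
        """For each indexed document, the fraction of its shingles that appear in the message."""
        msg = shingle_hashes(normalize(text))
        return {name: len(msg & fp) / len(fp) for name, fp in self.docs.items() if msg & fp}


# 13 to 19 digits, optionally separated by single spaces or dashes
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_valid(digits: str) -> bool:
    """Luhn mod-10 check used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def find_card_numbers(text: str) -> list[str]:
    """Return masked card numbers (first 6 and last 4 digits kept) found in the text."""
    found = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_valid(digits):
            found.append(digits[:6] + "*" * (len(digits) - 10) + digits[-4:])
    return found


@dataclass
class Finding:
    kind: str      # "fingerprint" or "card_number"
    detail: str    # matched document name, or masked card number
    score: float   # share of the document found, or 1.0 for a card number


def scan_message(text: str, index: FingerprintIndex, doc_threshold: float = 0.10) -> list[Finding]:
    """Flag a message if it reproduces at least doc_threshold of a confidential document or carries a card number."""
    findings = [Finding("fingerprint", name, round(share, 2))
                for name, share in index.match(text).items() if share >= doc_threshold]
    findings += [Finding("card_number", masked, 1.0) for masked in find_card_numbers(text)]
    return findings


def decide(findings: list[Finding]) -> str:
    """Policy decision at the mail gateway: block anything with a finding, otherwise allow."""
    return "block" if findings else "allow"


# --- constructed sample data ---------------------------------------------------
CONFIDENTIAL_DOC = ("Internal pricing memo. The wholesale discount for tier one partners is raised to "
                    "twenty two percent from the first of March. Tier two partners keep the standard "
                    "fifteen percent discount until further notice. Margin targets for the enterprise "
                    "segment remain at forty percent. Do not share these figures outside the sales "
                    "leadership group.")
LEAK_MSG = ("Hi Tom, FYI the wholesale discount for tier one partners is raised to twenty two percent "
            "from the first of March. Tier two partners keep the standard fifteen percent discount "
            "until further notice. Cheers")
BENIGN_MSG = "Hi Tom, can we move the partner call to Thursday? The agenda is the same as last week. Cheers"
CARD_MSG = "Customer paid with card 4111 1111 1111 1111, order number 1234 5678 9012 3456."


def demo() -> dict[str, str]:
    """Run the three sample messages through the scanner and return the gateway decisions."""
    index = FingerprintIndex()
    index.add("pricing-memo", CONFIDENTIAL_DOC)  # label the document as confidential
    return {label: decide(scan_message(msg, index))
            for label, msg in [("leak", LEAK_MSG), ("benign", BENIGN_MSG), ("card", CARD_MSG)]}


if __name__ == "__main__":
    for label, verdict in demo().items():
        print(f"{label}: {verdict}")
```

Storing only shingle hashes means the gateway never holds a readable copy of the confidential memo, and the share-of-document score lets the policy distinguish a quoted sentence from a wholesale paste. The order number in the last message has sixteen digits but fails the Luhn check, so it is not reported; this is the kind of tuning that keeps monitoring of printers, mobile devices and cloud uploads from drowning in false positives.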
Many compliance mandates such as PCI DSS (Payment Card Industry Data Security Standard) even explicitly stipulate this type of solution. Companies should therefore ensure professional-grade protection, so that they themselves will not be deemed guilty of negligence in case of cyber attacks.