The dark web
What it tells us for financial services
The cyber threat to Australia’s digital economy is growing in severity, with the average cost of a data breach per Australian organisation put at more than $2.5 million a year and rising, according to Ponemon Institute’s 2014 Cost of Data Breach study.
The 2014 Verizon Data Breach Investigations Report also reveals that the average breach in Australia involved more than 20,000 records over the past five years to 2014. And between 2013 and 2014 globally, there was a 25 per cent increase in reported data loss.
These statistics are the tip of the iceberg, especially when you consider that in Australia there is no legislation for breach notification and so there is significant under-reporting of cyber breaches.
Increasingly sophisticated risks
Cyber risks are a result of dynamic targeted threats on an industrial, co-ordinated scale. They are complex as well as severe. With organised criminals focused on your digital assets, operations and intellectual property, the risks are evolving faster than businesses can react.
Ninety-two per cent of breaches are perpetrated by outsiders, who include organised crime (55 per cent), state-affiliated hackers (21 per cent), activists (2 per cent) and former employees (1 per cent). Also, the extent of cyber-criminal collusion between external and internal parties is increasing, boosting the number of breaches by insiders, which doubled in 2014 to 14 per cent.
More than three-quarters of breach incidents are due to weak or stolen credentials, while rogue hardware and malware are also frequent causes of breach or service denial. So it is critical that all employees, contractors and suppliers are aware of how criminals are targeting them with well-planned attacks. Attacks can also often be triggered accidentally when well-intentioned insiders click on an email or are tricked into giving out information on the phone.
What can be done?
When I was based in the UK and asked to consult to the London 2012 Olympic Games leadership team on cyber incident response, crisis management and forensics, I could see the value of gathering information and insight into what was happening, not just internally in the organisation but also externally on the dark web. This would enable organisations to proactively anticipate what targets were being scanned and what was reasonable to expect and prepare for. The situation then, and still today, is that most organisations are focused on prevention – on building higher firewalls and tougher encryption, as opposed to also anticipating and detecting possible and actual cyber-breaches.
To help organisations get better at monitoring and watching out for any pre-emptive threats, Deloitte set up a network of international cyber intelligence centres (CICs) that could scan the web through a business lens, assist organisations to monitor and respond when hacked – and you will be hacked – and help them build resilience. We developed a network to link the UK, Europe, Canada, United States, Asia and now Australia.
These centres provide clients 24/7 services to help them better protect their critical assets against known and emerging threats across the ecosystem. By helping monitor and watch for any pre-emptive threats, businesses can detect and protect themselves against known and unknown adversarial activity. It’s all about being secure and vigilant, and being sufficiently resilient to recover when incidents do occur.
Businesses need what we term “actionable intelligence” – being able to sift through the raft of information out there to determine the “so what?”. They need to transform how they think about cybersecurity. Cloud computing, the world’s Internet of Things phenomenon, where each digital device is interconnected, as well as the blurring of the personal and professional and the “always-on” nature of the internet, mean that costs associated with breaches are likely to continue to rise each year.
Add to this the Deloitte Reputation@Risk research that shows there is an 80 per cent chance of a company losing at least 20 per cent of its value (over and above the market) in any single month due to reputation loss from the impact of a crisis, whether that be a cyber breach or another disaster.
The Deloitte/Forbes strategic risk research shows that regionally, the biggest impact of technology enablers and disrupters on established business models was in the Asia Pacific, which includes Australia, where 98 per cent of respondents report a change in their business strategies.
Business leaders need to ensure they are sufficiently informed about the state of cybersecurity in their organisations. With new business models, corporate restructuring, new customer service and sales models, new sourcing and supply chain models and inherently new applications and mobility tools, it is important to prepare for, respond to and recover from growing cyber threats. Knowing the worth of cyber risk will enable your business to safely grow and prosper in cyber space, materially differentiating it from competitors.
James Nunn-Price leads Deloitte’s cyber security practice. He established the Cyber Intelligence Centre concept in 2012, overseeing its implementation in the UK in 2013 and its 24/7 services to clients. He was responsible for Deloitte’s overall information security, resilience and cyber advisory services to the UK government and assisted the London 2012 Olympic Games leadership team with cyber incident response, crisis management and forensics. Nunn-Price is establishing the Australasian arm of Deloitte’s chain of cyber intelligence centres which will link into the recently established Australian and South East Asian arm of the Deloitte global Centre for Excellence for Crisis Management.