web analytics

Are We Winning Against Cybercriminals or Losing? – Source: www.databreachtoday.com

are-we-winning-against-cybercriminals-or-losing?-–-source:-wwwdatabreachtoday.com
Rate this post

Source: www.databreachtoday.com – Author:

Cybercrime , Fraud Management & Cybercrime , Information Sharing

InfoSec Officer Shervin Evans on the State of Cyberdefense, Meeting the Challenges CyberEdBoardDecember 9, 2024    

Are We Winning Against Cybercriminals or Losing?
Shervin Evans, enterprise architect and information security officer, Deltec Bank & Trust and CyberEdBoard member

Cybercriminals are launching increasingly sophisticated and relentless attacks in today’s rapidly evolving digital landscape. The potential for breaches and exploitation has increased as the world has become more connected, raising an urgent question: Are we winning the fight against cybercriminals, or are we just sinking deeper into their grasp?

See Also: How to Take the Complexity Out of Cybersecurity

To answer that question, we’ll examine our current fight against cybercriminals, where we’re making progress and where we’re falling behind. I’ll explore how cybercriminals launch sophisticated attacks using advanced technology and global collaboration. In addition, I will discuss how cybersecurity professionals can bridge the skills gap by collaborating, sharing knowledge and using artificial intelligence.

Enhancing threat intelligence sharing and collaboration between the private and public sectors will unite cybersecurity professionals to strengthen our collective defenses. In the ongoing battle against cybercriminals, it’s time to shift the balance.

The Growing Cyberthreat

Cybercrime is growing exponentially, with global costs projected to exceed $10.5 trillion by 2025. Criminals are becoming more organized, utilizing advanced technologies including AI-driven attacks, ransomware-as-a-service and zero-day exploits. These tools empower attackers to strike globally, compromising entire sectors such as healthcare, finance and energy. The infamous Colonial Pipeline ransomware attack and the 2023 MOVEit breach demonstrate how devastating these incidents can be.

Worse yet, cybercriminals collaborate globally. They share resources, tools and even personnel through dark web forums, selling ransomware kits and stolen data. This level of cooperation allows them to launch coordinated and highly effective attacks. Given the agility of these threat actors, defenders are often left playing catch-up, even with the most advanced security technologies in place.

Are We Keeping pace?

Despite increased cybersecurity investments-estimated to reach $300 billion globally by 2026 – the numbers show a grim reality. Breaches are growing in frequency and severity. The challenge lies in cyberwarfare’s asymmetry. Cybercriminals can launch devastating attacks with minimal resources, but defenders must protect vast, complex infrastructures with the constant threat of human error or technological misconfiguration.

While advanced tools such as zero trust architecture, AI-enhanced monitoring and intrusion detection systems are being adopted by companies and governments, gaps remain – primarily due to a lack of coordination, a skilled workforce and collaboration among defenders.

Cybercriminals Team Up – So Should We

Cybercriminals have the greatest advantage of collaboration. They form intricate networks that facilitate tool, tactics and data exchange. They also coordinate attacks, maximizing their impact and reach. To counter this, the cybersecurity community – cybersecurity professionals, security experts, and organizations – must unite and fight back with equal resolve.

1. Sharing Threat Intelligence

A crucial component of defense is real-time threat intelligence sharing. Attackers gain an advantage not by keeping their tactics secret, but by openly sharing intelligence across sectors and organizations. Defenders can use this approach to stay ahead of the curve.

Platforms such as Information Sharing and Analysis Centers, or ISACs, and the Cyber Threat Alliance facilitate this by enabling the exchange of information on emerging threats, vulnerabilities and attack techniques. When one company detects a sophisticated phishing campaign or malware strain, they can immediately share it with others. This allows organizations to bolster their defenses before they are targeted.

Using AI, these intelligence-sharing platforms can be enhanced with automated threat detection. AI tools can sift through vast amounts of data, identify patterns and quickly disseminate insights, providing organizations with early warning systems. For instance, MITRE ATT&CK, which catalogs adversary tactics, techniques and procedures, enables AI systems to track, predict and counter potential attacks across sectors.

2. Using AI in Cyberdefense

While cybercriminals increasingly deploy AI to automate attacks, defenders must use the same technology to their advantage. AI-driven cybersecurity solutions detect and respond to threats faster than human teams in several respects:

  • AI-enhanced monitoring systems can analyze network traffic and identify suspicious behavior, isolating potential breaches before they escalate.
  • Machine learning algorithms can detect abnormal user behavior, flag insider threats or compromised credentials.
  • Automated response systems powered by AI can shut down malicious activities in real time, without human intervention.

By collaborating on the development of open-source AI security tools, cybersecurity professionals can pool their expertise and create powerful defenses that benefit the broader cybersecurity community. Platforms like Snort – for intrusion detection – and Zeek – formerly Bro, for network monitoring – are examples of collaborative tools that when integrated with AI, could further strengthen defense systems.

3. Closing the Cybersecurity Skills Gap

One of the greatest challenges in cybersecurity is the skills shortage. With an estimated 3.5 million unfilled jobs by 2025, the closing the skills gap will require collaboration between governments, academic institutions and the private sector.

AI-powered training platforms can fill this gap by offering personalized, adaptive learning experiences. By simulating real-world attack scenarios, AI can train the next generation of cybersecurity experts, helping them develop critical skills in incident response, ethical hacking and security operations. AI also can identify weaknesses in trainees and adapt the learning process to ensure they are equipped to handle evolving threats.

Capture-the-flag competitions in which teams solve simulated cybersecurity challenges, also offer real-world experience and training. Collaborating across sectors, companies can offer incentives for students and professionals to attend these events, closing the gap between academia and industry.

4. Global Cooperation and Public-Private Partnerships

To combat cybercrime, global cooperation is essential. Cybercriminals operate across borders, making international collaboration between governments, law enforcement and the private sector critical. A recent example is the dismantling of the Emotet botnet, which involved coordinated efforts by multiple countries and companies to take down one of the most dangerous malware infrastructures in the world.

Public-private partnerships must also be used to protect critical infrastructure. Governments and industry leaders should collaborate on creating national cybersecurity frameworks – such as NIST in the U.S., ISO 27000 or COBIT internationally or adapt one that is best suited for you that provide clear guidelines for protecting critical sectors such as healthcare, energy and finance.

5. Collaborative Bug Bounty Programs

Cybersecurity professionals can significantly contribute by identifying vulnerabilities before they are exploited. Bug bounty programs incentivize ethical hackers to find and report security flaws, preventing potential breaches. Collaborative platforms such as HackerOne and Bugcrowd have allowed organizations to crowdsource security, improving their defenses by using the global cybersecurity community.

Integrating AI-based vulnerability scanning into these programs can accelerate vulnerability discovery. AI can perform constant security assessments, flagging potential exploits for further investigation by human experts.

Collaborative Strategies for Fighting Cybercrime

  1. Build threat intelligence sharing networks: Organizations need to join formal intelligence-sharing networks, such as ISACs and CTAs, to rapidly exchange information on threats. AI tools should enhance these efforts by processing and sharing data in real time.
  2. Global cooperation: Cybercriminals operate internationally, so defending against them requires global collaboration. Governments, private companies and law enforcement must work together to dismantle criminal networks.
  3. Foster public-private partnerships: Governments and industries must collaborate more closely to secure critical infrastructure, develop AI-driven defenses and share threat intelligence.
  4. Invest in cybersecurity education and AI training platforms: Closing the skills gap requires investment in cybersecurity education. AI-powered training platforms can enhance learning, while the public and private sectors collaborate to offer hands-on experience through programs like CTF competitions.
  5. Utilize AI for detection, response and prevention: AI-driven monitoring systems and automated response platforms should be widely adopted to detect and neutralize threats in real time. Collaboration between companies and AI developers will be crucial to staying ahead of cyber criminals.

Are We Sinking or Swimming?

Despite increasing cyberthreats, the answer to whether we are winning or sinking deeper lies in collaboration. Cybercriminals are teaming up, pooling resources and launching sophisticated attacks. Cybersecurity professionals, security experts and organizations must do the same, combining forces to share knowledge, develop new technologies and close the skills gap.

The use of AI in cyberdefense provides a crucial advantage, helping us detect and respond to threats faster than ever before. But technology alone won’t win the war. Collaboration across sectors, industries and countries is essential to building a resilient defense system. By working together, we can prevent the world from sinking into chaos of unchecked cybercrime, ensuring a secure and prosperous digital future.

CyberEdBoard is ISMG’s premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.

Join the Community – CyberEdBoard.io.

Apply for membership

Shervin Evans has extensive experience in risk management, compliance, system/network design and crafting robust security strategies. Before Deltec, he played pivotal roles in renowned financial services firms and multinational corporations, enhancing protection for critical assets and sensitive data. He specializes in areas such as cloud security, threat intelligence, SOC implementation, regulatory framework and incident response.

Original Post url: https://www.databreachtoday.com/blogs/are-we-winning-against-cybercriminals-or-losing-p-3777

Category & Tags: –

Views: 0

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Codrut Andrei
Secure Software Development Lifecycle Fundamentals by Codrut Andrei
Secure Software Development Lifecycle Fundamentals...
BUTTERWORTH-HEINEMANN
Security Operations Center Guidebook – A Practical Guide for a Successful SOC
Security Operations Center Guidebook –...
CISO Forum
CISO’s – First 100 Days Roadmap – Your success as a security leader is determined largely by your first 100 days in the role.
CISO’s – First 100 Days...
RedHat
State of Kubernetes Security Report 2022 by RedHat
State of Kubernetes Security Report...
National Cyber Security
Cyber Security Toolkit for Boards – Helping board members to get to grips with cyber security by NCSC
Cyber Security Toolkit for Boards...
Harvard Business Review
Boards Are Having the Wrong Conversations About Cybersecurity – Board interactions with the CISO are lacking – by Lucia Millica and Keri Pearlson – Harvard Business Review
Boards Are Having the Wrong...
Vendict
The 2024 CISO Burnout Report by Vendict
The 2024 CISO Burnout Report...
Mohammad Alkhudari
Cybersecurity Strong Strategy step by step Guide collected by Mohammad Alkhudari 2024
Cybersecurity Strong Strategy step by...
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...

LASTEST PUBLISHED POSTS

Cyberint
Retail Threat Landscape Report Q1-Q3 – November 2024 Summary by Cyberint a Check Point Company
Retail Threat Landscape Report Q1-Q3...
NCSC
Protecting Critical Supply Chains – A Guide to Securing your Supply Chain Ecosystem
Protecting Critical Supply Chains –...
Culture AI
Time to Adapt – The State of Human Risk Management in 2024 by Culture AI.
Time to Adapt – The...
National Cyber Security Centre
Engaging with Boards to improve the management of cyber security risk.
Engaging with Boards to improve...
Microsoft Security
2024 State of Multicloud Security Report by Microsoft Security
2024 State of Multicloud Security...
bugcrowd
Inside the Mind of a CISO 2024 The Evolving Roles of Security Leaders 2024 by bugcrowd
Inside the Mind of a...
Mohammad Alkhudari
Cybersecurity Strong Strategy step by step Guide collected by Mohammad Alkhudari 2024
Cybersecurity Strong Strategy step by...
Lacework
CISO’s Playbookto Cloud Security by Lacework
CISO’s Playbookto Cloud Security by...
MITRE - Carson Zimmerman
Ten Strategies of a World-Class Cybersecurity Operations Center by MITRE
Ten Strategies of a World-Class...
SILVERFRONT - AIG
Identity Has Become the Prime Target of Threat Actors by Silverfort AIG.
Identity Has Become the Prime...
CYZEA.IO
Enterprise Information Security
Enterprise Information Security
IGNITE Technologies
ENCRYPTED REVERSE
ENCRYPTED REVERSE

More Latest Published Posts

WORLD BANK GROUP
Global Cybersecurity Capacity Program
Global Cybersecurity Capacity Program
Gary Hinson
Getting started withsecurity metrics
Getting started withsecurity metrics
EDPS
Generative AI and the EUDPR.
Generative AI and the EUDPR.
Bright
2024 Guide to Application Security Testing Tools
2024 Guide to Application Security Testing Tools
HADESS
Hacker Culture
Hacker Culture
Quuensland Govermment
RISK ASSESSMENT PROCESS HANDBOOK
RISK ASSESSMENT PROCESS HANDBOOK
Ministry of MOS Security
HIPAA SIMPLIFIED
HIPAA SIMPLIFIED
Hacker Combat
How Are Passwords Cracked?
How Are Passwords Cracked?
CIS - Center for Internet Security
How to Plan a Cybersecurity Roadmap in Four Steps
How to Plan a Cybersecurity Roadmap in Four Steps
ACSC Australia
Information Security Manual
Information Security Manual
Kaspersky
Incident Response Playbook: Dark Web Breaches
Incident Response Playbook: Dark Web Breaches
ninjaOne
Endpoint Hardening Checklist
Endpoint Hardening Checklist
HADESS
Important Active Directory Attribute
Important Active Directory Attribute
ISA GLOBAL CYBERSECURITY ALLIANCE
IIoT System Implementation and Certification Based on ISA/IEC 62443 Standards
IIoT System Implementation and Certification Based on ISA/IEC 62443 Standards
Rajneesh Gupta
IAM Security CHECKLIST
IAM Security CHECKLIST
sqrrl
Hunt Evil
Hunt Evil
Searchinform
How to protect personal data and comply with regulations
How to protect personal data and comply with regulations
Giuseppe Manco
Threat Intelligence Platforms
Threat Intelligence Platforms
CSA Cloud Security Alliance
Hardware Security Module(HSM) as a Service
Hardware Security Module(HSM) as a Service
IGNITE Technologies
CREDENTIAL DUMPING FAKE SERVICES
CREDENTIAL DUMPING FAKE SERVICES
IGNITE Technologies
A Detailed Guide on Covenant
A Detailed Guide on Covenant
NIST
Computer Security Incident Handling Guide
Computer Security Incident Handling Guide
IGNITE Technologies
DIGITAL FORENSIC FTK IMAGER
DIGITAL FORENSIC FTK IMAGER
Accedere
Cloud Security Assessment
Cloud Security Assessment
YL VENTURES
CISO Reporting Landscape 2024
CISO Reporting Landscape 2024
CISO Edition
Reporting Cyber Risk to Boards
Reporting Cyber Risk to Boards
CIOB
CIOB Artificial Intelligence (AI) Playbook 2024
CIOB Artificial Intelligence (AI) Playbook 2024
INCIBE & SPAIN GOVERNMENT
Nuevas normativas de 2024 de ciberseguridad para vehículos
Nuevas normativas de 2024 de ciberseguridad para vehículos