By Kevin Bailey, Managing Director & Principal – Security Research at Omnisperience
When I look back at the cybersecurity industry, in the early 2000s it involved a few hundred vendors battling for their share of a ~$750 million market. The hacker was motivated by the chase and notoriety rather than monetary rewards. Fast forward to 2020 and sophisticated hackers have now established a matrix structure comparable to multinational corporations with the discipline, skills, diversity of products and a capability for R&D that delivers a conveyor belt of disruption, damage and a deficit to their targets.
Over the years the security industry has provided solutions to every known attack surface perpetrated by cyber criminals – swelling global revenues of the cybersecurity industry to $248 billion in the process. Yet continual data breaches, identity thefts and ransomware attacks clearly show that many of the solutions provided are really defensive in their design – meaning that organisations are playing catch up and second-guessing attacks as cyber-criminals have turned the tables from 20 years ago, utilising their skills and acquired data to control the narrative. To combat the sophisticated and industrialised approach to cyber-attacks that we are seeing, organisations need to rethink their approach and, importantly, the purpose of their approach.
The importance of data
Whatever the end game, it’s all about the data: both its value to businesses themselves, and its value to adversaries to guide and enable cyber-attacks.
Digital platforms have overtaken physical interactions in our connected world, vast datasets have been amassed that combine business, personal, location, financial and health data (amongst others). Not only is data the honeypot that cyber criminals seek, it’s also the startin ..
Support the originator by clicking the read the rest link below.
