In an interview with TechRepublic's Dan Patterson, IBM's executive security advisor Etay Maor discussed the rapidly growing cybercrime industry. Maor emphasized how vulnerable businesses are to cybercrime and how new technology puts companies at even greater risk.
SEE: 4 questions businesses should be asking about cybersecurity attacks (Tech Pro Research)
Maor explained that cybercrime is it's own business. Specifically, "a $455B a year business. It's huge. And it's not going anywhere, it's just growing," Maor said.
Cybercrime does not discriminate when it comes to big or small businesses, Maor added. When medium or small businesses get hacked, that information can often be used as a proxy for a larger attack on bigger businesses. Maor noted how we always hear of high profile attacks, but the majority of attacks are e-crimes committed by smaller groups.
While the dark web does have some good qualities, Maor said the dark web is a breeding ground for cybercrime because of the anonymity provided to its users. The attack strategies in the cyber world are terrifying, with many e-commerce websites posing as safe, normal websites, but are instead minefields for cyberattack in the dark web, Maor said.
"It's a constant game of cat and mouse between the defenders and the attackers," Maor noted. With technology constantly changing, security has a tough time keeping up. Maor explained that the security industry moves significantly slower than the cybercrime industry because there are no regulations for cybercrime.
Maor said it's imperative for people to change how they approach security. Companies are not doing basic things to protect themselves from cybercrime, they need to have backups in place and always be prepared, Maor furthered.
The mindset around cybersecurity and cybercrime must shift. Businesses need to run under a "when will I get hacked" instead of an "if I get hacked" mentality, making security more of a priority than expediency to release a product.
The 3 big takeaways for TechRepublic readers
- Cybercrime is not going anywhere, in fact, it is a growing business.
- The security industry moves slower than the cybercrime industry, leaving small and medium businesses even more vulnerable to attacks.
- A mental shift surrounding cybercrime must occur if businesses want to be protected. Companies need to view cybercrime as a perpetual imminent threat and address security accordingly
- Report: 99.7% of web apps have at least one vulnerability (TechRepublic)
- Cybercrime Inc: How hacking gangs are modeling themselves on big business (ZDNet)
- Report: Cyberespionage now most popular form of cybercrime in many industries (TechRepublic)
- Free hacking tools start teens on path to cybercrime (ZDNet)
- Simple ways to avoid malware on all your devices (TechRepublic)