Crime Doesn't Pay: 10 Ways To Control And Reduce Cybercrime Costs

Rising Cybercrime Costs Can Be Lassoed, Says Ponemon

The Ponemon Institute found that the annualized cost of cybercrime to companies increased 26 percent over the average cost in 2012. In its "2013 Cost of Cyber Crime Study," Ponemon said that insiders, financially motivated cybercriminals and hacktivists combined to boost the cost of cybercrime. The study, based on interviews with more than 1,000 security professionals and a benchmark sample of 60 organizations that experienced security incidents, identified ways to rein in costs. Organizations that gain control of escalating cybercrime costs have mature security programs. They have personnel to proactively monitor network appliances, and have information governance activities to apply effective policies and enforce them.

10. Employment Of Security Personnel

It's easier said than done, but organizations that have reined in cybercrime costs have employed skilled IT security professionals, Ponemon said. Businesses with deeper pockets can afford security pros with relevant certifications that are dedicated to investigating incidents and maintaining security appliances. Firms that lack the ability to hire a dedicated security team can outsource the activity to managed security firms that often maintain network monitoring tools and can oversee incident response.

9. User Awareness Training

Ongoing security awareness training can have a positive impact on end-user behavior and, ultimately, reduce cybercrime costs, Ponemon said. Programs should not be one-off events, but a sustained series of events and other initiatives designed to build a strong culture of security among employees. Effective programs are designed to help end users gain control of the security and privacy in their personal lives. Once end users understand how to protect themselves from financially motivated cybercriminals, they can understand how important their actions are in protecting corporate resources, experts say.

8. Appointment Of High-Level Security Leader

Organizations that have reined in costs have a strong security posture and often have leadership that oversees security activities, according to Ponemon. A chief information security officer that oversees security activities provides careful guidance over the company's security program and, over time, can help instill a strong security culture throughout the company. A high-level security leader was cited by Ponemon as an important governance activity.

7. Automated Policy Management Tools

Companies that use automated tools to set policies can ensure that security controls are not only addressed to reduce risks but also they are governed by policies that are enforceable. Government, risk and compliance (GRC) tools are fed policies and procedures that are then applied to security systems to ensure consistency. The tools also can help firms effectively communicate policies to employees, and identify end users and systems that fall out of policy for one reason or another.

6. Enterprise GRC Tools

GRC tools can help organizations spot and address weaknesses before they become targeted by an attacker. Proactive use of GRC tools could help rein in cybercrime costs, Ponemon said. GRC tools often will contain a console to help executives determine the risk profile of systems and help prioritize ongoing security projects. GRC tools go beyond ensuring that the company meets compliance mandates, according to Ponemon. They can determine if a system needs the latest security patches or if an appliance is misconfigured, opening a hole to a potential attacker.

5. Data Loss Prevention

If properly implemented, data loss prevention (DLP) tools can help reduce the risk of data leakage and rein in cybercrime costs, Ponemon said. DLP tools can help reduce employee errors, which are seen as some of the most widespread causes of data breaches. A DLP system can spot if an employee is sending sensitive data via email and either block the message or prompt the user to encrypt it. To gain the full effectiveness of DLP platforms, businesses need to implement them beyond personally identifiable information and credit card data. Data fingerprinting available with some DLP systems can help prevent the exposure of documents containing intellectual property.

4. Access Governance Tools

Access governance tools can help rein in costs by preventing unauthorized access to systems in the first place, Ponemon said. Access governance platforms can provide role-based user access and use behavioral analysis to spot suspicious login activity that could signal the use of stolen account credentials. Deprovisioning capabilities also can help business managers remove former employees from system access immediately after they depart the company. One word of caution: Experts tell CRN that identity and access management projects are often timely and costly endeavors.

3. Security Intelligence Systems

Companies that have deployed security information and event management (SIEM) systems also are controlling cybercrime costs, Ponemon said. The latest generation SIEM systems are now combining threat intelligence feeds with system logs to spot suspicious activity. To gain the full effectiveness of SIEM, organizations need to provide around-the-clock monitoring and have dedicated incident response personnel to investigate and contain problems as soon as possible.

2. Firewall Technologies

Next-generation firewall appliances can provide detection of custom malware and other advanced threats and help bolster traditional endpoint security software, Ponemon said. Advanced firewall technologies can spot and block botnet communication or repeated attempts by a malware dropper to contact a remote command-and-control server controlled by a cybercriminal. Security experts say companies are replacing legacy firewalls with newer systems that can help control network traffic at the application layer. Advanced perimeter controls and firewall technologies were cited as the two enabling security technologies that resulted in the biggest cost savings for enterprises.

1. Advanced Perimeter Control

Technologies that provide controls over the perimeter of a corporate network also can help control the costs associated with cybercrime, Ponemon said. These defenses include network access control platforms to block access to corporate resources, and endpoint security systems that monitor network behavior. Automated systems are not enough, according to Ponemon. Most systems need to be proactively monitored.