Chat Now Available 24/7
Log in
Chat Now
Log in
Order Now

Custom Writing Help For You!

Special Discounts Offers! 20-30% Off!

Posted: October 12th, 2020

The Fight Against Cyber Crime

THE FIGHT AGAINST CYBERCRIME
The Fight Against Cyber Crime: What Can We Do? Abstract Cybercrime is on the rise and every organization must recognize the danger and take necessary steps to help mitigate the threat. While many institutions worry more about hackers than cybercriminals, it is a cybercrime that can cause the most damage. A hacker is more easily detected while a cybercriminal may already be in your network undetected. While a hacker may try to breach a network for the thrill or to annoy, a cybercriminal will breach a network for monetary gain. This paper is intended to point out some of the risks of cybercrime and what a financial institution can do to help mitigate the threat of attack. Keywords: cybercrime, cyber attack, Information Technology Information Sharing, and Analysis Center, IT-ISAC, Financial Services Information Sharing, and Analysis Center, FS-ISAC The Fight Against Cyber Crime: What Can We Do? While many institutions worry more about hackers than cybercriminals, it is cyber criminals that should make us warier.
A hacker is more easily detected while a cybercriminal may already be in your network undetected. While a hacker may try to breach a network for the thrill value or to annoy their victim, a cybercriminal will breach a network for monetary gain. This may include “data acquisition and storage, stealthy access to systems, identity collection and theft, misdirection of communications, keystroke identification, identity authentication, and botnets, among others”. According to a survey conducted in August 2011 by Ponemon Institute, for the 50 participating companies (see chart 1), the average time it takes an organization to resolve a cyber attack is 18 days with an average cost of $23,000 a day. An insider attack can average 45 days to contain. This does not include the value of any data lost, modified, or stolen in the process. This survey also showed the average annualized cost of cybercrime to financial institutions was $14,700,000 for 2011, up from $12,370,000 the previous year (see Chart 2).

Chart 3 summarizes the types of attack methods experienced by the companies that participated in the survey. According to security firm Imperva, “The average large business sees 27 attacks per minute hitting its Website. Attackers can use automation technologies to generate up to seven attacks per second or 25,000 attacks per hour”. To build a sufficient IT security posture, it is important to assume that an unauthorized user can gain access to the network and then structure the network to best protect the most valuable data. The valuable data can then “be tagged and monitored so that the organization knows where it is, where it is going, where it has gone, and on whose authority”. The organization also needs to understand that they need to not only monitor what is coming into their network but also what is leaving their network. This will help “detect activities enabled by techniques and technologies that mimic, exploit, or piggyback on the access of authorized users”.
Using standard firewalls and anti-virus programs alone will not accomplish this. The organization must take a more proactive approach to protect its financial data. Now that we know what we need to do, how do we accomplish this? Some very basic steps include employee screening, employee training to help mitigate against social engineering, disabling account access of terminated employees, ensuring software updates and patches are properly implemented and ensuring firewalls are properly configured. More advanced steps include, but are not limited to, setting up a demilitarized zone to help block the network from outside access, installing a honeynet system to look like an authentic part of the network to entice and trap intrusion attempts for further analysis, installing hard drive encryption and remote data wipe capability on all laptops and other mobile devices, and requiring smart card and pin number authentication (or some other form of multifactor authentication) to access sensitive data.
The Ponemon survey revealed companies utilizing security information and event management (SIEM) solutions such as these average 24 percent less expense in dealing with cybercrime attacks (see chart 5). This reduction in cost is because companies that use SIEM solutions are better able to detect and contain, and therefore recover, from such attacks. Another important step for a financial institute to take is to become a member of the FS-ISAC (Financial Services Information Sharing and Analysis Center). The FS-ISAC was founded in 1999 and led the way for the IT-ISAC (Information Technology Information Sharing and Analysis Center) which was founded in 2001. The purpose of these groups is for organizations to have the opportunity to share the security attacks and vulnerabilities they have experienced with other organizations in their field of industry. Given the sophistication, complexity, and evolution of cybercrime technologies and techniques, no sizable organization can plan and implement the necessary response alone. CIOs, CSOs, CROs, and cybersecurity professionals should share information, techniques, and technologies in their battle against cybercrime. The importance of FS-ISAC was proven in 2000 when member companies where saved from a major denial-of-service attack that many other companies experienced. As shown in chart 4, a denial-of-service attack can be costly. A more recent example of FS-ISAC at work is the August 23, 2011 report of the Help Net Security (International) Ramnit worm which uses Zeus Trojan tactics for banking fraud.
As the FS-ISAC points out, “When attacks occur, early warning and expert advice can mean the difference between business continuity and widespread business catastrophe”. Knowing and having the chance to combat against these attacks can save institute millions. In conclusion, financial institutions must stay vigilant to current and new cyber threats. 3 gives a breakdown of cyber threats and controls that can help reduce the impact of these threats become reality. It is important for an organization to enroll in its respective ISAC and to share in the lessons learned from previous attacks. While it would be almost impossible to learn about and prevent every type of attack, staying vigilant will help reduce the likelihood and impact.
References

Deloitte Development LLC. (2010).
Cyber Crime: A Clear and Present Danger. Retrieved December 23, 2011, from the World Wide Web: http://eclearning.excelsior.edu/webct/RelativeResource Get research paper samples and course-specific study resources under   homework for you course hero writing service – Manage r/Template/pdf/M7_Deloitte_CyberCrime. pdf FS-ISAC. (2011).
Current Banking and Finance Report, Retrieved 24 December 2011, from the World Wide Web: http://www. fsisac.com/ Hurley, E. (2001, January 29).
IT-ISAC: A Matter of Trust. Retrieved 24 December 2011, from the World Wide Web: http://searchsecurity. techtarget.com/news/517824/IT-ISAC-A matter-of-trust Ponemon Institute LLC. (2011, August).
Second Annual Cost of Cyber Crime Study. Retrieved December 24, 2011, from the World Wide Web: http://www.arcsight.com/collateral/whitepapers/2011_Cost_of_Cyber_Crime_Study_August. pdf Rashid, F. (2011, July 25).
Cyber-Criminals Use Botnets, Automation to Launch Multiple Blended Attacks. Retrieved December 24, 2011, from the World Wide Web: http://www. week. com/c/a/Security/CyberCriminals-Use-Botnets-Automation-to-Launch-Multiple-Blended-Attacks-656032/Chart 1.Sample of Participating Companies by Industry (Ponemon, 2011).
Average annualized cost by industry sector ($1M). The industry was not represented in the FY2010 benchmark sample. Chart 2. Average annualized cost by industry sector. Types of Attack Methods Experienced Chart 3. Types of Attack Methods Experienced.
Average annualized cybercrime cost weighted by attack frequency. The FY 2010 benchmark sample did not contain a DoS attack.
Average annualized cybercrime cost. Comparison of SIEM and non-SIEM sub-sample of the average cost of cybercrime.
Comparison cost of SIEM and non-SIEM companies (Ponemon, 2011).
Percentage cost for recovery, detection & containment (Ponemon, 2011).
Financial Impact Regulatory ComplianceIndustry Reputation 4CriticalIncrease in costs greater than $1MFines in excess of $1MSignificant sustained negative media exposure.
Significant loss of business due to blemishes on public image. 3MajorIncrease in costs $100K to $1MFines between $100K and $1MNegative media exposure. Loss of business due to blemishes on public image. 2ModerateIncrease in costs less than $100KFines under $100KSome negative media exposure. Slight loss of business due to blemishes on public image.

Order for this Paper or similar Answer/Assignment Writing Service

Place your order by filling a guided instructions form in 3 easy steps.

Check Prices
Order Now

Why choose our Study Bay Services?

Like every student, Focusing on achieving the best grades is our main goal

Top Essay Writers

We have carefully cultivated a team of exceptional academic writers, each with specialized expertise in particular subject areas and a proven track record of research writing excellence. Our writers undergo rigorous screening and evaluation to ensure they hold relevant advanced degrees and demonstrate mastery of English grammar, citation style, and research methodology. Recent projects completed by our writers include research papers on topics such as sustainable energy policy, cognitive behavioral therapy, and molecular genetics.

Student-Based Prices

We prioritize attracting highly skilled writers through competitive pay and strive to offer the most cost-effective services for students. References from recent years include surveys of customer satisfaction with online writing services conducted by the American Customer Satisfaction Index between 2018 to 2022, demonstrating our commitment to balancing affordable costs with high standards of work through positive reviews and retention of expert writers.

100% Plagiarism-Free

We guarantee 100% original and plagiarism-free final work through a thorough scanning of every draft copy using advanced plagiarism detection software before release, ensuring authentic and high-quality content for our valued customers. To note, we also do not generate assignment content with AI tool, thus you a guaranteed 0% similarity index for your final research paper.

How it works

When you decide to place an order with Study Pro Essay, here is what happens:

Calculate Your Order Check Prices

Complete the Order Form

You will complete our order form, filling in all of the fields and giving us as much detail as possible.

Assignment of Writer

We analyze your order and match it with a writer who has the unique qualifications to complete it, and he begins from scratch.

Order in Production and Delivered

You and,the support and your writer communicate directly during the process, and, once you receive the final draft, you either approve it or ask for revisions.

Giving us Feedback (and other options)

We want to know how your experience went. You can read other clients’ testimonials too. And among many options, you can choose a favorite writer.