More collaboration needed to slow the advance of cyberthreats
Posted on | July 7, 2010 | add a comment
Last month, I reported on two public/private initiatives that are model collaborative efforts aimed at making the Internet safer. One involves the federal government, education officials and giant military contractors teaming up on a recruitment drive to corral a new generation of tech pros specifically trained to defend the Internet. The other was about the launch of the Internet Fraud Alert center, a Microsoft-led coalition that will serve as a clearinghouse for reports about caches of stolen data stashed all across the Internet. In this LastWatchdog guest post, Hugh M. Jones IV, president and CEO of payment routing firm Accuity, sets the context for the latter.
By Hugh M. Jones IV
Every time a cyber-criminal successfully executes a phishing scam, scareware campaign, data theft, network hack or simply finds a laptop filled with sensitive information in a public place, more than one victim has been created. In fact, as both the volume and sophistication of cyber crime attacks continue to rise, almost every aspect of the worldwide financial, legal and payment processing systems is in danger of being victimized, and faces an even greater need to address the risks associated with online fraud.
Yet, even though institutions ranging from retailers to banks to government agencies have placed the fight against cybercrime at or near the top of their security agenda, the damage done by the bad guys continues to grow. According to figures published earlier this year by FBI-backed Internet Crime Complaint Center (IC3), 336,655 Internet-related crimes were reported in 2009, a 22.3 percent increase from 2008. IC3 reports the total loss linked to online fraud was $559.7 million—up from $265 million in 2008.
Why the continued disparity between efforts and success? The answer, in part, is due to a lack of an integrated, collaborative approach to the problem. For too long, organizations have focused on making sure their own islands of information have been protected while not seeing the downstream damage cyber crime can cause for banks, payment processors or a host of other groups affected by the breaches.
Fortunately, a movement is growing to change our approach to the problem. One example is Internet Fraud Alert, a recent initiative that enables real-time reporting of suspected online fraud via a secure network of participants. By bringing together security researchers, service providers, retailers, banks and government agencies in a single, secure system that matches stolen data to the institution that manages the account in question, the program offers a model for a tighter, more integrated approach up and down the financial and payment value chains to mitigate damage from online fraud.
Accuity supports the Internet Fraud Alert program and other such efforts as critical weapons in the fight against cyber crime. That’s why we donated our proprietary Databank solution to help the program’s sponsor, the National Cyber-Forensics and Training Alliance (NCFTA), successfully vet the financial institutions seeking to participate and, thus, ensure the integrity of the system and the alerting process. Coalitions such as the Internet Fraud Alert are what is needed to bring together best in class organizations to share expertise and break barriers hampering the fight against cyber crime. By minimizing a “siloed†approach and encouraging collaboration across organizations and areas of expertise, we can develop a more open line of attack that gives criminals fewer places to hide.
But we feel more can be done. For its part, Accuity’s data helps to ensure the integrity of the program’s participants and, as a result, assists in opening the lines of communication between organizations. The next step is finding even more ways to leverage opportunities to bring together organizations with a stake in the outcome that can then collaborate and share their unique insight and data to help in the battle. Only then will have a truly integrated approach to a problem that thrives on finding cracks in fractured defenses.
About the author:
Hugh M. Jones IV leads the global businesses for Accuity and NRS, a leader in SEC and FINRA compliance adherence solutions. Prior to joining Accuity, Jones spent five years building IntrinsiQ Research into the dominant leader in information management for the oncology market. Previously, Mr. Jones led Datamonitor’s Healthcare practice as the Global Managing Director. Prior to Datamonitor, Hugh was a member of the Deloitte Consulting Life Science Strategy Group, where he concentrated on corporate and marketing strategy for leading life science companies. Hugh holds an M.B.A. from the University of Michigan and a B.A. from Yale University.