3 things organizations must do to disrupt cybercrime

Today’s threat actors are doubling down on their “more is more” approach to cybercrime. In the first half of 2023, our FortiGuard Labs team observed significant activity among advanced persistent threat (APT) groups, an uptick in ransomware frequency and complexity, and increased botnet activity.

As cybercrime proliferates, it's no surprise that organizations are falling victim to attacks more frequently. A recent report shows 84% of entities experienced one or more breaches in the past 12 months.

The threat landscape's ever-changing nature and growing sophistication make collaboration more critical than ever. This is especially true as advancing technologies, geopolitical events, a shortage of skilled cybersecurity professionals, and emerging economic challenges introduce new layers of complexity as we work to stay ahead of our adversaries. It's encouraging to see many collaborative efforts already in progress, such as the Cybercrime Atlas project. The initiative – hosted by The World Economic Forum with support from Fortinet, Microsoft, PayPal, and Santander – gathers and collates information about the cybercrime ecosystem.

Collaborative efforts play an integral role in our collective fight against cybercrime. Yet just as the success of a sports team is dependent on each player’s individual effort, the same can be said for strengthening our collective resilience against cybercrime. Each organization across the public and private sectors must actively participate in this cybercrime disruption effort. Below are three areas that establishments must pursue to strengthen their cyber resilience, making them a stronger partner in efforts to disrupt cybercrime.

A team of skilled professionals, intelligent processes, and solid technology solutions are critical aspects of an effective risk management strategy. However, cybersecurity is everyone's job, and your employees can be your best defence or weakest link.

Research shows that human involvement contributes to three out of four breaches. Regardless of their role, each individual in your organization must be aware of common cyber risks and what actions to take if they suspect they’re a target.

For employees, create or refine ongoing cybersecurity awareness initiatives, such as enterprise-wide security education programmes, regular training sessions, and phishing simulation exercises. Your executives will benefit from more focused activities like tabletop exercises to walk through the incident response plan and enhance their cybersecurity leadership and response.

Organizations of all sizes and industries struggle to find, hire, and retain skilled cybersecurity professionals. A survey conducted by The World Economic Forum shows that only 46% of cybersecurity leaders say they have the people and skills they need today. Meanwhile, an ISC2 study notes that the global cybersecurity workforce gap continues to widen, with nearly 4 million security professionals required to fill vacant roles.

Pursuing only "traditional" candidates with previous cybersecurity experience or a degree in a related field is no longer an effective hiring strategy. Organizations need to think creatively to address this gap. Tapping into new talent pools can help organizations navigate the combination of overworked IT and security staff and the expanded threat landscape. Upskilling through opportunities like certification programmes can give existing employees the needed skills and knowledge to keep pace with the evolving threat landscape.

Using technology to support operations can help augment entry-level positions. A great example of this is embracing managed services, as these offerings can help shrink the skills gap within the organization, create a more proactive approach to security, and increase your team’s agility.

In most organizations, there are unintentional silos among departments that prevent them from achieving stronger cyber resilience. From my vantage point, I often observe obstacles between an organization’s Network Operations Center (NOC) and Security Operations Center (SOC) teams. These complications create friction and lengthen your response time to even the smallest challenges, ultimately harming the entity’s security posture.

The good news is that there are many actions leaders can take to dismantle these silos to enhance collaboration and resilience. The first step is bringing together the organization's leadership and board members to achieve alignment on risk management goals. That group should then work together to determine how to reach those goals. This may include developing or refreshing an organization-wide security strategy modelled after a familiar framework such as NIST's or creating incident response playbooks to ensure a single, comprehensive process that stakeholders can follow when an incident occurs.

Technology also has a role to play in dismantling internal silos. There are many benefits to pursuing new solutions that help to break down barriers and make collaboration easier. For example, organizations should embrace AI-powered security operations. Making this change can reduce your team's detection and response time and increase the interoperability of the organization's entire technology stack, encouraging greater partnership across the NOC and SOC teams.

Responding to threats collectively as an ecosystem has a greater effect on the disruption of cybercrime, and organizations must understand their essential role in this disruption.

Building a culture of cyber resilience, identifying ways to shrink the skills gap - including giving a trusted role to everyone in the ecosystem, and dismantling internal silos are core activities that can help organizations strengthen their own security posture, which enables our broader efforts to fight cybercrime. When organizations optimize their resilience, we can more quickly mobilize comprehensive protections against our cyber adversaries. This gives us a better chance at finding the choke points on the chess board to diminish cybercrime.