‘This time it’s personal’ will be our motto for 2015 as cyber-criminals are predicted to become more selective in the way they target victims.
According to Stephen Bonner, a partner in KPMG’s cybersecurity practice, the next twelve months is expected to see criminals move away from mass spear-fishing tactics in favour of highly targeted ‘campaigns’, based on the data trail people leave in their online lives.
Stephen Bonner said “Over the past year, the Internet of Things took its first tentative steps into the mainstream, but consumers’ willingness to adopt the latest trend has come at a price. Their desire to be seen has overtaken their desire to be secure, meaning that we can expect organised crime to find new ways to make money in our increasingly digitised society.”
“It is possible that our willingness to share and shop online may let criminals become more selective about who they target. They may not need to maintain the current ‘hit and hope’ approach of spear phishing, instead only attack specific users and computers based on the data these give away about their owners.”
The result, according to Stephen Bonner may be a business world where cyber protection matures and where governments come together to improve ways in which confidential data is secured.
He said: “2014 may have been a year in which hardly any time went by without news of a cyber-attack and the next 12 months may not be different. This time, however, third party assurance is expected to become a burgeoning industry as firms seek to protect themselves against lawsuits for loss of data or revenue. As part of this, my hope is that EU governments will reach an agreement on data protection legislation in a post-Snowden world, and implement a data breach disclosure regime.
“Ultimately, cyber defence can be akin to a game of whack-a-mole – with more emphasis on spotting attacks, more sharing of intelligence in near real-time and more efforts by companies and governments to counter assaults and disrupt cyber-attacks quickly. But to win the game a change in mindset is needed, with security teams reinventing themselves by engaging with the business to really understand their priorities and justify their budget, determining that their efforts are focussed on defending key business assets, while all the while being seen as an enabler for doing business in the digital world.”
© 2017 KPMG, an Indian Registered Partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.