Cyber Unicorns on the Rise - How Will They Impact Your Firm's Security?

Recently heard people in my profession refer to “cyber Unicorns.”  Now Unicorn is a term used by the venture capitalist community to describe companies that reach over $1 billion in capitalization.  The reference, of course, is the rarity with which these events happen. There are many successful VC backed companies, but reaching $1 billion is as rare as finding a Unicorn. The concept of cyber Unicorns is that financial crime achieved via cyber means is no longer a pastime; rather it’s a full time job. Criminal organizations pursue every means necessary to gain access to internal systems and then use multiple schemes to monetize that access. Typical schemes include “cyber ransom” – where a company's data is encrypted and the key provided only on payment of a ransom; exfiltration of intellectual property; acquisition and selling of customer data (especially uniquely identifying data) that facilitates identify theft; creation of phony invoices; illicit transferring of funds, and more. The number of schemes seems to be infinite. To combat these cyber Unicorns, and all the wannabes, firms have to invest in both people and technology. People are needed because they have the ability to make good decisions, do conduct investigations and see obscure patterns quickly. Technology is required because the volume of attacks is sufficient to overwhelm manual efforts no matter how skilled or dedicated the staff.  This augmentation of people by technology is sometimes called creating Centaurs, an homage to the mythical creature that was half-man and half-horse. SOC analysts, and other security and cyber crime investigators, are the modern version of the Centaur, leveraging technology to sift through the universe of data to find relevant data upon which to act. Just what impact will cyber unicorns have on organizations like yours? Share your comments with the Cloud and Cyber Security Center: http://cloudandcybersecurity.blogspot.com/