Code: The Next Big Weapon
Preview of the 2014 Risk Management Conference
BY Scot Blythe | August 7, 2014
As a speaker at the next week’s Risk Management Conference August, former senior advisor for innovation to Secretary of State Hillary Clinton will speak In advance of the conference, we asked Alex a few questions about the extent of cyber crime, its perpetrators, and how financial institutions can avert predatory threats.
What’s the economic/dollar impact of cyber crime?
The economic impact in American dollars of cyber crime is already over $300 billion a year. This is massive and it is only growing.
Who are the primary targets? Individual savers and credit card holders? Large financial institutions?
The most frequent targets are individuals whose personal information can be extracted and their various financial accounts then penetrated. More sophisticated hackers tend to target institutions. The largest institutions tend to be the best prepared, so it is actually mid-sized institutions (particularly financial institutions) that are in the gun sights of many of today’s hackers. The largest institutions are the most dangerous and difficult to attack because they have the best defences.
Who are the perpetrators? Governments? Gangs?
The perpetrators vary widely from state-sponsored hackers coming from Russia and China to so-called “black hat” hackers for hire that come from just about anywhere, though a particularly high concentration of them come from Germany, eastern Europe and the former Soviet Republics. The “gangs” tend to hire the hackers rather than be home to the hackers themselves.
Can cyber crime affect stock and bond trading and asset custodianship?
Cyber crime can absolutely affect stock and bond trading and asset custodianship. So far we have seen exchanges and trading platforms as targets. The only thing that has kept this from happening more frequently is that the Chinese would lose as much as anybody from the loss of stability that would come from compromised systems. The targeting of exchanges and platforms is less likely to come from a government (for now) and more likely to be the target of mayhem-makers – people trying to cause harm without necessarily incurring economic benefit to themselves.
What are the best practices against the “weaponization of code.”
Sadly, it is time for every board of directors and every management team to have a robust cyber defence strategy that has been signed off on from the top. The amount of investment that needs to go into cyber defense needs to move increasingly upward and the risks to enterprises grow. This is why I see the cyber industry growing to become a $175 billion industry within the next three to four years.
To find out more about Alex’s presentation and the Risk Management Conference, click here.
To learn more about the Risk Management Conference, please visit the conferences section of the CIR website. If you are interested in attending this event, please email Alison Webb to be considered, as limited space available.