When the auditors come around
When the auditors come around

The rise of organized online crime will be a major challenge in the next few years says Illena Armstrong, editor-in-chief, SC Magazine.

Just as the business community has evolved to land profits from the online economy over the last few years, so too have cybercriminals. Yet, defenders of corporate networks – often plagued by stagnant budgets and sometimes tepid buy-in from bosses – face challenges galore keeping up.

Take a gander at recent news stories on SCMagazineUS.com and the picture gets even less rosy. For example, our Chuck Miller reported recently that a couple of crime servers were found in Argentina and Malaysia containing some 500 megabytes of stolen data, which was probably being auctioned off to the highest bidder. Roll back the clock some seven years ago and you may have seen a hacker bragging about defacing a government website or heard about the odd incident of a large company being blackmailed by a cyberthief.

Cyberattackers these days, though, are creating a well-established industry. According to Threat Horizon 2010, a recent report from The Information Security Forum (ISF), the rise of organized online crime will be a major challenge in the next few years. This is due, in large part, to the fact that organized online crime groups are establishing advanced business models to profit from the online economy.

Alongside these more targeted, structured and enterprising online crime efforts, cyberattackers are keeping an eye on more frequently used mobile devices to create fraudulent payments or access unguarded data and Web 2.0 applications to take advantage of countless vulnerabilities, the ISF reports.

Using the expertise of their over 300 corporate members, ISF spokespeople note that they have detailed what they consider to be the most concerning of emerging threats so that corporations can take proactive steps to protect themselves. There's the rub, though.

Such industry research reports usually are quite informative, providing some good insight on what companies should be covering in risk management plans. Ultimately, it's up to business leaders to heed these alerts and ensure they've provided enough support and resources to their information security pros to implement and maintain malleable yet comprehensive security plans that can accommodate emerging threats.

Digital crooks have learned that establishing an ordered and workable business model is critical to the success of their criminal enterprise. It's time for businesses to get just as methodical and industrious in protecting a lucrative online economy.