By Gregory Hale
Stealing money is one thing, but taking highly guarded company knowledge is top of any cyber thieves list these days as companies are losing over $1 trillion in intellectual property a year.
That was the outcome of a talk by Pamela Warren, director of global public sector and critical infrastructure initiatives at McAfee and Scott Aken, vice president of cyber operations at SAIC, entitled “In the Dark in 2010 – Necessary Progress in 2011,” at the ICSJWG Spring Conference last week in Dallas.
“Intellectual capital is the new cyber crime currency,” Aken said. The problem, he added, is companies often do not report any kind of attacks.
“Email is poorly protected,” Aken said. On top of that “when a company is attacked, they are not reporting the incident.”
In addition, 50 percent of the attacked companies are not remediating the cyber issue that allowed a thief into the system in the first place.
There are ways to protect vital information, he said. Some recommendations are deep packet inspection, data loss protection and human behavior analysis.
Looking at the manufacturing industry, knowing the top priority is keeping systems up and running, Warren said “control system folks are worried about denial of service attacks.”
That means manufactures have to stay aware of what their systems look like and constantly remain vigilant.
“It is very easy to dialogue about these attacks, but if (cyber thieves) can get ahead by stealing information, then why not?” Warren said.
She added there are ways to stay ahead and that is to use application white listing, any kind of updated anti-virus technology, patching and “getting employees to understand they are targets.’
“You really need to enhance that mindset,” she said. “We do have to be diligent and teach employees they are targets.”