Cybersecurity drivers part 3: The threat landscape

This four-part series will tackle four primary drivers that are re-shaping the cybersecurity landscape and will continue to do so over the next three to five years.

In the previous installment of this blog series, we tackled the IT talent shortage and its impact on cybersecurity. But what makes that talent gap such a problem? Why is the lack of qualified information security professionals a more troubling conundrum for organizations than it was even a few years ago? One of the primary reasons is the evolving cybersecurity threat landscape, which is fraught with a growing number of attacks of ever-increasing complexity.

Last year, the number of global cybersecurity attacks rose an astounding 48 percent over 2013 numbers, according to research from PwC. And considering the level of success cybercriminals had perpetrating data breaches (think Sony and J.P. Morgan), 2015 is likely to bring a similar spike in intrusion attempts and make life more difficult for those professionals charged with security operations management.

So, who is behind these attacks that IT professionals are charged with thwarting for their enterprises? Primarily, three groups of hackers make up the current threat landscape. Each group has its own motivations for its attacks, but all three can do major damage to an organization’s reputation and financial standing:

  1. Nation-state governments: Governments have been hacking each other for years for a variety of reasons, but over the past few years a trend of nations hacking enterprises has begun to emerge. For instance, a unit of the Chinese Army, which allegedly began operations in 2006, has targeted bio-pharmaceutical firms in the U.S. in an attempt to steal technological and engineering information for China’s economic gain. The U.S. government has also stated publicly that it believes the highly publicized Sony hack was committed by North Korea as a response to the film “The Interview,” which portrayed North Korean Supreme Leader Kim Jong Un in an unflattering light, but many questions remain around the attribution of this attack.
  2. Cybercrime: The landscape is full of criminals who perpetrate hacks purely for financial gain. These criminals use phishing, malware, spyware, bots and other methods to steal personal information (like credit card numbers, medical records or account login IDs and passwords) that they either sell or use themselves. Last year, for example, a group of hackers seized control of 1,600 accounts on StubHub, the online marketplace for tickets to sporting events, concerts and other shows, and stole $1.6 million in ticket value.
  3. Organized crime: Rather than doing all of their damage through violence and intimidation as in the past, organized crime rings are increasingly pulling off major cybersecurity heists and profiting immensely. For example, last year a Russian gang perpetrated a massive theft, swiping 2 billion usernames and passwords as well as 500 million email addresses. Government agencies tasked with fighting organized crime are still scrambling to assess the threat and figure out how to combat it, and have had inconsistent success thus far.

The current information security threat landscape is scary. There are a frightening number of hackers out there with the skills and motivation to commit serious cybercrimes. And the threat isn’t likely to ease up any time soon.

*** This is a Security Bloggers Network syndicated blog from Swimlane (en-US) authored by Cody Cornell. Read the original post at:
