While cyber security may have you thinking in zeros and ones, and wondering which next generation firewall you should buy next, the human element is alive and well in cyber crime.
Indeed, it can be argued that cyber crime only exists because human beings are motivated to take or break digital assets that do not belong to them.
So, while you mull over your cyber security defence, it may be helpful to consider how criminologists view the matter, especially in terms of crime displacement, a natural result of any security strategy.
Basically, the idea behind crime displacement is that if you stop criminals (including cyber criminals) from perpetrating crime in one way, they may well look for another way. Professional hackers including teams working for governments are more likely to develop other lines of attack.
Opportunists are less likely to do so. Crime (and cyber crime) displacement can occur in terms of the type of crime, the target, the method, the place, and the time, as well as the perpetrator.
- Rather than sabotage your servers from the inside, attackers launch DDoS attacks to make your servers unavailable.
- Hackers stop trying to steal your data and try to infect you with ransomware instead to get your money.
- The technical defences of your servers are so good that hackers decide to go for your soft underbelly, launching social engineering attacks on your employees for their system account credentials.
- Your enterprise is too tough to get into directly. However, your suppliers have access to some of your business systems and some of them are vulnerable to attack, which will then let attackers get into your systems.
- With a UEBA (user and entity behaviour analytics) solution in place, you’ll immediately be alerted by a hacker using compromised account credentials at three in the morning. So, the smart hacker tries three in the afternoon (on a working day, of course).
- Employing extra security staff to defend your digital assets stops external hackers from succeeding, but creates opportunities for insider attacks.
So, now you know what to look out for. Next step, update and enhance those cyber security plans!