Enterprise Services
Showing results for 
Search instead for 
Do you mean 

Stopping Cybercrime from the Inside Out

‎08-15-2014 09:42 AM - edited ‎09-30-2015 07:06 AM

By Andrzej Kawalec,

Chief Technology Officer (CTO) for HP Enterprise Security


The digitalization of our lives has radically changed the way we live, love, work and play. Unfortunately, it has also changed the way cyber criminals prepetrate felonies.


How do you identify the faceless?

We live in a world where bank accounts and even national secrets are code.jpgripped apart and sold to the highest bidder. Whereas infamous criminals of the past like Al Capone and Butch Cassidy had to avoid “wanted” signs as they physically moved large sums of cash. Today’s cyber criminals are able to commit their crimes with a great deal of anonymity.


Cyber criminals are faceless. They operate in a sophisticated and vertically-integrated global network, generating more than $104 billion in illegal revenue each year and perpetrating 16 cybercrimes per second. These acts often blend together traditional crime with cybercrime.


It could already be happening, without your knowledge.

For example, a global criminal ring recently hacked into a bank’s network to increase pre-paid debit card accounts to an unlimited level. They then sent those details around the world, and had well-coordinated gangs withdraw handfuls of cash from ATMs. One gang in New York City hit 2,000 ATMs in a matter of minutes.


On average, criminals can hide inside networks for upward of eight months, taking their sweet time to understand business’ systems, applications, customer and employee details, and even intellectual property. And, as cyber criminals become more sophisticated, it’s taking victims even longer to recuperate after a breach.


Cybercrimes can inflict several levels of material damage to businesses regardless of industry, sector or size.

There are three different types of collateral damage that result from a data breach:

  1. Monetary - Data breaches are getting more costly every year. In 2010, a data breach on average cost about $3.8 million on average. By 2020, a data breach will cost over $17 million.
  2. Brand reputation - After a company experiences a major data breach, customers often don’t trust the brand of the company anymore. There have been a number of cases in financial markets where companies that have been breached have lost as much as 30 percent in their market capitalization.
  3. Intellectual Property and Trade Secrets – These are the damages that the company may never see. The best example is when a company experiences a data breach, and then one of their competitors uses this information to undercut them in the market, resulting in monetary damage that is much less tangible then dollars and cents.

The bad news is, the way our industry has traditionally handled cyber security actually hands a huge advantage to the criminals. We share our security standards and vulnerabilities, but so rarely share how the criminals got in and what information they are after.


We’re losing the battle – but we don’t have to.

To help put a stop to cybercrime, security professionals have to get inside the crimnials’ heads and use their own tricks against them.


Cyber criminals have learned that pooling intelligence leads to great rewards. Let’s take a page from their playbook and share our security intelligence with one another. Without doing so, we’re giving the cyber criminals the tools they need to perpetrate the same crimes over and over again around the world.

It’s a scary world, but we shouldn’t have to go at it alone. Let’s band together to stop the adversary. Learn more about how HP is stopping the adversary by sharing cyber intelligence among its security clients.

*According to HP research estimates.


About the author

Andrzej Kawalec.jpgAndrzej Kawalec, Chief Technology Officer (CTO) for HP Enterprise Security, is responsible for HP’s Information Security strategy, solutions, portfolio, and market-facing activity. He leads a global research and innovation team, with a particular focus on cloud, consumerization, cyber security, and the business risks surrounding information security systems, policies, users, and processes.






Related links


HP Threat and Vulnerability Management Services: Get vulnerability and hacking

services delivered by experts

Risks, trends, and disrupters: CISOs most adaptable to change will survive

The University of Nottingham benefits from enhanced risk and threat management

0 Kudos
About the Author


Nov 29 - Dec 1
Discover 2016 London
Learn how to thrive in a world of digital transformation at our biggest event of the year, Discover 2016 London, November 29 - December 1.
Read more
Each Month in 2016
Software Expert Days - 2016
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
View all