Fraud Prevention Month

With cyber criminals more organized and sophisticated than ever, security professionals developing new measures to stay ahead of attackers

With more than two decades of experience working in cybersecurity, Theo van Wyk has witnessed dramatic changes in the nature and sophistication of cyber threats and has been on the front lines of developing security solutions for a rapidly expanding and increasingly complex IT environment.

Mr. van Wyk is the head of Solutions Development and Cybersecurity at CDW Canada, which marks its 20th anniversary in 2023. CDW provides IT solutions and services to businesses in such areas as cybersecurity, digital infrastructure and cloud technology.

In the early days of the company, the risks were different and the consequences from cyber attacks were less severe. The solutions and approaches have evolved to keep pace with the ever-increasing frequency and malicious nature of threats.

“When we look at the reasons for attack 20 years ago, we saw more ‘hacktivism’ – for example, a group taking down an organization’s network to gain social notoriety or to profile a cause,” says Mr. van Wyk.

The incentives were different because the rewards for attacks weren’t as lucrative. “We didn't have cryptocurrencies or the many ways that exist today for hackers to seamlessly monetize their activities.”

Cyber attackers now a well-organized industry

According to a security study conducted for CDW, Cybersecurity in 2022: Advancing the Maturity of Canadian Organizations1, 90 per cent of Canadian organizations reported that they were victims of a cyber attack in the previous year. The study found that the risk of loss of data, lockouts and disruption of services are top of mind for business leaders in Canada. Finding better ways to protect customer, employee and partner data and ensure the continuity of business operations is recognized as critical.

The security study described the new threat environment this way: “Cyber attackers are evolving into a well-connected and organized industry, and attacks are more sophisticated than ever before.”

“Cyber crime is big business, and the scale of the potential financial rewards has created a new ecosystem,” says Mr. van Wyk. “For example, there’s a group of attackers that shares information and tool sets, as well as revenue, with platforms where someone can buy ransomware as a service.”

Worldwide, cyber crime is estimated to be worth $8-trillion US today and projected to reach $10-trillion by 2025.

New IT environment creating new vulnerabilities

Technological advances have opened up new pathways for cyber criminals to do harm. Organizations have an “expanded attack surface” – more physical and digital assets, from servers to client computing and the Internet of Things (IoT). And the expansion of hybrid work models and remote access by employees further increases vulnerabilities.

“Compared to 20 years ago, we’re doing more sensitive types of transactions on mobile devices and apps, such as online banking, personal communications and sharing of health information,” says Mr. van Wyk.

“And it’s becoming easier for bad actors to gain access to and use a person’s credentials. In the old days, even if I had your username and password, I had to go into an office and physically plug into a network. Today, an attacker can go to an online email site and gain access to your inbox from anywhere in the world.”

The CDW security study also highlights public cloud servers as a new “hot target” for cyber attackers, especially for larger organizations that may make extensive use of public or hybrid cloud infrastructure.

Evolving security measures to meet the new challenges

Two decades ago, cybersecurity was equated with technology. “People were worried about viruses, so protection became a technology checkbox: install antivirus everywhere. And then firewalls and intrusion-detection technology grew as new threats accelerated, but it was still about technology.”

Today, more organizations understand the need for a more comprehensive approach that also includes people and processes. “We’re also seeing security more commonly embedded in the business plan,” says Mr. van Wyk. “Asking questions such as, Is this technology protecting the right data? Do you have the right policies, and are you empowering your employees to make the best decisions when they’re exposed to phishing or some other threat?”

Cyber resilience has become the new mantra, he says. While defence remains important, organizations increasingly understand they can’t prevent all cyber attacks, but they can put resources into responding to an attack. “We have a new focus on breach response, with solutions to mitigate or halt an attack, to limit the harm and recover quickly.”

Preparing for the future

The other area that is going to change is the speed at which compromises occur, says Mr. van Wyk.

“Attackers are capitalizing on machine learning, for example. It used to be months between new threats emerging; now it’s days and even hours.”

Security professionals also need to leverage machine learning, automation and new analytics tools “to allow security to move at the speed of machines and not at the speed of humans,” he says. “Some of these new tools are exciting because they will enhance our ability to continuously evaluate security and respond to attacks in real time.”

Mr. van Wyk also stresses the need for businesses and security providers to work with each other more closely. “The collaboration is increasing and we need to do more. Cybersecurity professionals need to band together across companies to match the sophistication and organization of the would-be attackers.”

To view this report on The Globe's website, visit globeandmail.com

To view the full report as it appeared in The Globe's print edition: Fraud Prevention