There has been a significant shift in the methodology used by cyber criminals over the past couple of years. Whilst traditional ‘hacking’ and malware are still prevalent, there has been a boom in other types of attack, in particular Ransomware and Social Engineering. So, why has this happened?

Most profitable types of cyber attack

There is an old saying, “follow the money”, and nowhere is this more pertinent than when considering cyber-crimes against UK business. Look at the number of cyber-attacks over the past 12 months from the Beaming Breaches Report in May 2017 - the usual cyber-attacks still feature highly:

  1. Phishing - 1.3m businesses affected
  2. Viruses - 1.28m businesses affected
  3. Hacking - 1m businesses affected

However, to understand why these emerging threats are becoming so popular, we need to look at the revenues generated:

  1. Ransomware - £7.4bn (388k businesses)
  2. Phishing - £5.9bn
  3. Social engineering - £5.4bn

Whilst there were more than three times as many instances of Phishing against UK businesses in 2016, when compared to Ransomware, it yielded just 80% of the revenue. So, Ransomware appears to be 20 times more profitable, per incident, than hacking attacks, and five times more lucrative than other forms of Malware.

More targeted attacks are, by their nature, a lot more labour intensive but, for the criminal gangs who are willing to put in the effort, the rewards can be huge.

Common cyber security myths

There are a number of myths surrounding cyber security, which are impacting on businesses’ decision-making:

  1. Skilled hackers targeting businesses

There is still a perception that there are darkened rooms full of highly skilled hackers targeting UK businesses. If you are a high value target, e.g. a high-profile business, or you are dealing with high value intellectual property etc., then this may be the case.

However, against the majority of businesses, the investment required to carry out such attacks just isn’t worth it; after all, skilled labour is expensive! A large proportion of the non-automated attacks are carried out by a relatively low-skilled labour force, who simply find a ‘victim’, load a weaponised attachment into an email, and click ‘send’.

  2. I don’t have anything that hackers want

Unless you are in the “high value target” category, mentioned above, you may not feel that your business has anything valuable to hackers, or to anyone else outside your organisation. However, the data your business holds is extremely valuable to you.

Without data, many businesses could not operate. So, if you lost access to all of your company data, how much would you be willing to pay to get it back? This is why Ransomware is becoming so popular.

  3. Cybercrime is an IT issue

The technical safeguards which have traditionally kept us safe are still vitally important. However, as these safeguards become harder to breach, cyber criminals need to get creative if they want to get into our systems.

The beauty of these targeted attacks is that, because they aren’t automated, they don’t always have the indicators which allow them to be detected by anti-virus/anti-malware software, so they are more likely to find their way into employees’ inboxes than traditional mass-mailings.

  4. It’s someone else’s job

If fraudulent emails get past your IT defences, your staff are the only thing standing between you and a potentially significant loss. Now imagine that the employee in question had no knowledge of cyber-attacks, and believed instead that the IT department were solely responsible for stopping cyber-attacks…

The truth is that nothing is 100% effective, so it is everyone’s responsibility to be vigilant. Education and good business management are just as important in preventing cyber-attacks as the IT infrastructure itself.

Embedding a cyber security culture

Cyber security is not simply an IT issue, and there is no “magic box” to plug in. There are three elements to any system, and cyber security is no exception. Effective cyber security can only be achieved when all three work in harmony.

Technology – your IT ‘estate.’ By ensuring that you have all the necessary IT safeguards in place on ALL your IT assets, including mobile devices, printers, access control systems, CCTV (basically anything connected to your network), you reduce the risk of something getting through.

You also need to ensure that these safeguards are regularly updated – the threats are constantly evolving, and your systems need to evolve too.

People – your staff. A properly briefed, situationally-aware workforce are your last line of defence, should something get past your technical security measures. They need to understand the risks to the business, and their role in preventing cyber-attacks. Training should be done in three strands:

  • Training for directors – awareness of the risks, governance requirements etc
  • Training for all
  • Training for high risk groups – more focused training for people within your organisation who are especially at risk, e.g. the Accounts department

However, training is not a one-shot deal. This needs to be an ongoing programme of work, with regular refresher and update sessions.

Process – how you let your staff use your IT. Just as you wouldn’t let every employee have access to your banking and accounting software, cyber risk can be significantly reduced by limiting the ability of staff to access unnecessary areas of your network. By only giving staff relevant permissions to do their jobs, you reduce their ability to inadvertently (or intentionally) do something wrong.

With the proliferation of mobile devices, we need to ensure that users are using them responsibly. So, we need to ensure that the same security standards are maintained when working remotely, via laptops, tablets and smartphones.

It doesn’t stop at IT policies. Criminals “follow the money”, so it is important that there are financial policies in place to reduce the risk of accidentally sending money to the wrong place. ‘CEO Fraud’ happens when a criminal, pretending to be the CEO of a business, sends an email to the accounts department requesting a payment be made to a nominated bank account.

In some cases, accounts staff have transferred many thousands of pounds to fraudsters, when a simple process of confirming all financial transaction requests in person, or via telephone, would have identified the fraud straight away.

Securing your business in the digital age

Could it be that the very word “Cyber” is turning us off? The mere mention of the word “cyber” security may cause the non-technically minded to glaze over, dismiss it as “an IT issue”, and leave it to the IT staff to deal with. At board level, this default cascading of cyber security to the IT department is one of the most significant barriers to achieving cyber resilience in business.

If the “C” word puts you off, think of it as ‘Digital’ Security, and consider: Do you understand your digital risks in the same way as you do your physical risks? Or your legal or compliance risks?

And therein lies the fundamental truth: The key to protecting your business against cyber-attack is to view the digital risks in the same context as the other risks to your business, and treat it the same way, instead of dismissing it as an IT issue.

If you understand where the digital risks are, how they can affect your business, and what you would need to do in the event of an incident - in exactly the same way as you would for everything else on your risk register - you have taken your first steps to securing your business in the digital age.
