Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity Enterprise ServicesLogical Security

Cybercriminals are winning: How companies can turn the tide

By Jess Parnell
laptop.jpg

Image via Unsplash

May 29, 2023

As the digital realm expands and thrives, so too does the nefarious world of cybercrime. If current trends continue, the annual cost of cyberattacks is projected to skyrocket to $10.5 trillion by 2025 — a staggering 300% increase from 2015.

Faced with this ongoing cyber assault, organizations worldwide are expected to shell out $1.75 trillion on cybersecurity measures from 2021 to 2025, which represents 15% year-over-year growth. Yet even this may not be enough to combat the problem. A survey of 4,000 medium-size companies shows that threat volumes continue to double year over year.

It’s clear that today’s security paradigm is broken. At no time in history have organizations spent as much money as they are right now on cybersecurity to prevent bad things from happening. But at no time in history have more bad things happened to them than they are right now. In short, security leaders are losing the battle against cybercrime. Period.

The problem — one of the problems — is that many organizations continue to embrace cybersecurity tactics that are ineffective. One example is detection and response. I liken this tactic to a game of “whack-a-mole” because it involves constantly identifying and mitigating threats as they arise.

Just as in a game of whack-a-mole, in which the moles constantly pop out of different holes and the player must quickly hit them, cyber attackers are constantly finding new ways to infiltrate systems and steal sensitive information. As soon as one cyber threat is dealt with, a new one pops up. In some sense it is an asymmetric battle, as the attackers are motivated and funded to do harm, while defenders need to put effort and resources into counteracting them.

The human factor

Another problem is that today’s approach to cybersecurity typically involves a human who sets the security policies and then goes away. The moment those policies are set, they’re already out of date. The bad guys are constantly probing and doing reconnaissance to see how they can or can’t get through the defenses and they are constantly adjusting their tactics to improve their success rate.

The reality is that humans are fallible and they can make mistakes when setting security policies. The policies may be too strict, which can hinder productivity, or they may be not strict enough, which can leave the organization vulnerable to cyberattacks. What’s more, the threat landscape is constantly changing and what may have been a sufficient security policy yesterday may not be sufficient today or tomorrow. When humans set security policies and then go away, they are not actively monitoring and updating those policies to ensure they remain effective in the face of new threats.

That’s why organizations quickly run out of human runway and it’s why their infrastructure is quickly overloaded. Today’s technology is not designed to function in a manner that’s commensurate with the threat. It’s not as dynamic or as extensible as it needs to be.

A better approach

A more effective approach is proactive protection that leverages cyber threat intelligence to cut down the noise and make the defenders more efficient. With the rapid pace of cyber threats today, the window for responding to an attack can be short. This is especially true for fast-moving threats like malware outbreaks and network intrusions, which can cause significant harm if not promptly addressed. Real-time threat intelligence empowers security teams to take decisive action to mitigate the impact of a threat, such as blocking malicious traffic, isolating infected systems and deploying patches to fix vulnerabilities.

Today, organizations are ingesting 100% of the noise the internet throws at them. For example, a typical security analyst has to wade through hundreds of pages of security logs every day to assess current threat levels. That’s a ridiculous number of log reports to look at, most of which are not even actionable. They’re just noise. It’s like having a crowd of people screaming at the top of their lungs for an hour.

A real-time cyber intelligence approach can filter all that noise and give customers the actionable information they need. If a “known bad” is identified by the threat intelligence, it can cut off the threat before it even enters the network — making users almost invisible to the threat actor community.

Better still, the threat data can be updated every few minutes. This enables organizations to take control of their future by incorporating real-time cyber threat intelligence into their defense measures. This approach proactively shields organizations from 99% of the attacks that have been identified and mapped by the global threat-intelligence community. When that happens, organizations have a functional security team that can accomplish more at a fraction of the time and budget.

Inadequate cybersecurity measures can have serious consequences for companies. Organizations that continue to embrace ineffective cybersecurity tactics, such as the whack-a-mole approach mentioned earlier, risk being swallowed up in the ever-evolving threat landscape. A far more effective approach is proactive protection that leverages cyber threat intelligence to quickly identify and address potential threats. That’s how we’ll win the cyber battle once and for all.

KEYWORDS: cyber attack costs cyber attack response cyber criminal cyber threat cyber threats cybercrime

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Jess Parnell is Vice President of Security Operations at Centripetal.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • CCPA

    State Privacy Regulations Are Long Overdue: How Can Companies Prepare?

    See More
  • data privacy

    Accidental database breaches are on the rise – How can your company avoid becoming the next headline?

    See More
  • SEC0819-Cyber-Feat-slide1_900px

    Securing the Mainframe: How Companies can Empower Security Analysts to Protect the Backbone of Their Enterprise

    See More

Related Products

See More Products
  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • school security.jpg

    School Security: How to Build and Strengthen a School Safety Program

  • databasehacker

    The Database Hacker's Handboo

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing