How to combat cybercrime with a bit of military-style preparedness
October 15, 2024 | By Ron GreenAs deepfake videos become more sophisticated and social engineering attacks soar, cybercrime is becoming an epidemic — one poised to cost individuals and organizations worldwide $9.5 trillion this year alone.
Yet there is a dearth of professionals who know how to combat cybercrime. The World Economic Forum estimates that we have a shortage of nearly 4 million cybersecurity workers worldwide. The time to fill this gaping hole is now.
Part of the problem is that, to many, cybersecurity remains shrouded in mystery. Because the workings of hackers are largely invisible, victims often feel as though an evil spell has been cast over them and their devices.
Rather than magic, the secret to combating cybercrime is good old-fashioned tactical thinking. My service as a U.S. Army officer showed me the importance of recruiting the right people and relying on rigorous training and scenario planning to prepare us for emerging threats.
For starters, we need to act quickly. While more people are enrolling in cybersecurity college programs, we do not have time to wait for them to get the work experience companies want. Instead, employers should consider fast-tracking cybersecurity talent by opening up apprenticeships and creating opportunities to give people hands-on experience as quickly as possible.
Throwing the net wider would also bring people from all walks of life into the industry. As we’re increasingly relying on artificial intelligence to sift through mountains of data and intelligence for clues, we need more creative thinkers to analyze that information and plug security gaps.
Establishing virtual national cyber academies with a flexible “app store”-style training program would help people from non-technical backgrounds select the courses they need to build up their skill sets.
But education is just one prong in an effective defense strategy. We also need national centers for cybersecurity training to run real-time scenarios to see how governments, companies and infrastructure providers work together in a crisis to maximize their impact.
In the same way that my U.S. Secret Service training helped build muscle memory, regular rehearsals could potentially save the day when even the best-laid strategies have fallen by the wayside. As Mike Tyson once memorably said: “Everybody has plans until they get hit for the first time.”
Corporate leadership also needs to get up to speed. Though companies have tightened cybersecurity measures in recent years, many members of their boards of directors do not understand the challenge, which could put their operations at risk and paralyze their decision-making.
At this stage, everyone on a corporate board must have a grip on the basics, which is why we’re working on a training program with the Cybersecurity and Infrastructure Security Agency and the U.S. Secret Service to get them up to speed.
Not surprisingly, small businesses are still at greatest risk from potentially crippling cyberattacks. Owners can no longer rely on their tech-savvy daughter or neighbor to install antivirus software for them. They need to protect themselves with free resources, such as the Global Cyber Alliance Cybersecurity Toolkit.
Aside from insulating ourselves against attacks, we need to have faith that criminals will be tracked down and prosecuted. Our law enforcers, from police to prosecutors to judges. have a firm grip on digital crime, but it’s imperative that companies like Mastercard keep them up to date on the latest technical developments.
Luckily, we are not working in a vacuum. Amid this global crisis, countries share information on the best ways to keep us all safe. For instance, Mastercard’s European Cyber Resilience Center is working with national intelligence agencies, law enforcement and companies in Belgium to give us the edge we need.
But while cybercriminals might be exploiting AI’s growth, most attacks still hinge on people opening a dubious email or failing to notice jerky deepfake video moves, which is why we all need to think before we click.
After all, there is no magic wand to make cybercrime disappear and save us.