The True Cost of Cybercrime

The incidence and cost of cybercrime are skyrocketing, and businesses are having trouble keeping up

According to research from Accenture, the cost of cybercrime increased by 27 percent between 2016 and 2017, and the average cost of cybersecurity, on an annualized basis, stands at $11.7 million. As the world becomes more connected, and more data is stored, these costs are only expected to rise, according to the report. Furthermore, the public now pays attention to data compromises more than ever before, and the reputation hit companies take when their systems are compromised has risen significantly. Large players in the industry are taking note, and companies including Microsoft and HPE are taking steps to help mitigate damage. Kyle Todd, HPE’s Microsoft Category Leader, recently explained some improvements being made.

Cybercrime 101: Just the Facts

The Accenture report also noted that ransomware attacks, perhaps the most lucrative form of cybercrime, doubled between 2016 and 2017. Furthermore, companies spend approximately 3.8 percent of their IT budgets on security, a figure that dropped from 4 percent in 2014. Perhaps most concerning, 56 percent of executives state that their response to security is reactive instead of proactive. Todd outlines how this approach leaves companies vulnerable, as it typically takes only 24 to 48 hours for cybercriminals to compromise systems, and they can go undetected for an average of 100 days or even longer. These undetected intrusions allow cybercriminals to collect more and more data, and they can lead to compromises of other systems. Furthermore, undetected intrusions let attackers plan their next attacks, so ransomware attacks, for example, might be even more expensive to resolve.

Credential Guard

Some of the most powerful tools for protecting data come included in Windows Server 2016. Credential Guard, in particular, should be a central technology for those relying on Windows Server. Modern secure computing relies on digital hashes as an improvement over passwords, and eliminating the need for passwords significantly reduces potential attack vectors. However, cybercriminals can actually use the hashes in place of system passwords, giving them virtual keys to data. Because hashes are so well trusted, compromises often go undetected for extended periods of time. Once attackers gain domain admin privileges through compromised hashes, the entire system is compromised. Credential Guard includes a number of integrated safeguards to prevent these attacks, which can be some of the most difficult to detect and recover from. By cutting off these attacks through Credential Guard, companies can fend off attackers focusing on the most popular intrusion techniques.

Just Enough Administration and Just-in-Time Administration

Historically, admin accounts have often had free rein over systems, with only small limitations put in place. Just Enough Administration offers a more sophisticated approach, so even if an admin account is compromised, would-be hackers will find themselves with very few privileges, significantly limiting their ability to inflict damage or steal data. Just-in-Time administration fixes the problem of admin creep. When users are given admin privileges to perform certain tasks, these privileges are rarely taken away. The Just-in-Time approach ensures accounts that don’t need ongoing admin privileges don’t serve as attack vectors. By being able to remove access to admin functions, Just-in-Time administration provides a more fine-grained approach to information access.
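
To make the Just Enough Administration idea concrete, here is an added example (not from the article or from HPE or Microsoft material) of a JEA endpoint that lets one group restart a single service and nothing else. The module name ContosoJEA, the group CONTOSO\DnsOperators, the endpoint name and the file paths are assumptions; it covers JEA only, not Just-in-Time elevation.

```powershell
# Added example: a minimal JEA endpoint. Run elevated on the server.
# Module name, group name, endpoint name and paths are hypothetical.
$module = 'C:\Program Files\WindowsPowerShell\Modules\ContosoJEA'
$jeaDir = 'C:\ProgramData\JEA'

# Role capability files must live in a RoleCapabilities folder of a module.
New-Item -ItemType Directory -Path "$module\RoleCapabilities" -Force | Out-Null
New-Item -ItemType Directory -Path "$jeaDir\Transcripts" -Force | Out-Null
New-ModuleManifest -Path "$module\ContosoJEA.psd1"

# The role: read service state, and restart only the DNS service.
New-PSRoleCapabilityFile -Path "$module\RoleCapabilities\DnsOperator.psrc" `
    -VisibleCmdlets @(
        'Get-Service',
        @{ Name       = 'Restart-Service'
           Parameters = @{ Name = 'Name'; ValidateSet = 'DNS' } }
    )

# The endpoint: locked-down session, one-time virtual account, full transcript.
New-PSSessionConfigurationFile -Path "$jeaDir\DnsOperator.pssc" `
    -SessionType RestrictedRemoteServer `
    -RunAsVirtualAccount `
    -TranscriptDirectory "$jeaDir\Transcripts" `
    -RoleDefinitions @{
        'CONTOSO\DnsOperators' = @{ RoleCapabilities = 'DnsOperator' }
    }

# Validate the file before registering it as a remoting endpoint.
if (Test-PSSessionConfigurationFile -Path "$jeaDir\DnsOperator.pssc") {
    Register-PSSessionConfiguration -Name 'DnsOperator' `
        -Path "$jeaDir\DnsOperator.pssc" -Force
}

# An operator connects with:
#   Enter-PSSession -ComputerName <server> -ConfigurationName DnsOperator
# Inside the session, Restart-Service -Name Spooler is rejected, and the
# operator's own account never holds local administrator rights.
```

Members of the group do not need to be local administrators; the session runs as a temporary virtual account, and the transcript directory gives auditors a record of every command issued through the endpoint.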

Device Guard and Enhanced Auditing Capabilities

We use more devices and device classes than ever before, which creates an array of potential attacks. Device Guard is used to create policies that restrict the ability of a hacker to install malware that could make an entire datacenter vulnerable to attack. Enhanced Auditing Capabilities serve as a powerful complement. Malicious actors can often fly under the radar while compromising a system, as potential signs of intrusion would be ignored as noise. Enhanced Auditing Capabilities can seek out these signs, giving companies the ability to react promptly and prevent damage.

HPE Gen10 Server Security: Silicon Root of Trust

Network security is at the forefront of keeping systems safe. However, hackers are moving toward targeting system BIOS and firmware, creating ways to infiltrate systems that won’t be caught by firewalls and other technology. Instead of viewing bits of firmware as independent units, HPE has created a cohesive web of firmware that works in an integrated manner. The Silicon Root of Trust analyzes the fingerprint created by a system’s firmware, and this fingerprint is regularly measured so the attacked area can be isolated and administrators can be alerted instantly if the critical firmware has been compromised. As the line between hardware and software becomes less clear, focusing on hardware security is becoming even more important. The Silicon Root of Trust serves as a powerful top-down means of monitoring for intrusions and mitigating potential harm.

HPE Gen10 Server Security: HPE Secure Compute Lifecycle

The National Institute of Standards and Technology stands at the forefront of developing systems safe from cybersecurity attacks, but the complexity of the technology they develop, and potential associated costs, means adoption has been fairly slow. Their advances include standards for both software and hardware, and systems that meet these standards can be assured of having state-of-the-art capabilities. HPE is the only system vendor that has invested in the high levels of security provided by NIST, at costs that are competitive with systems that don’t comply with these standards. Focusing on the well-funded results of NIST research makes HPE a clear choice for companies looking for the utmost in security. NIST also follows guidelines for ensuring data on used storage devices is scrubbed in such a way that it can’t be recovered, even with the most sophisticated tools available.

For those outside of IT operations, the solution to cybercrime seems simple: Just spend more money. Those who work in datacenters and make decisions, however, realize that budgets can’t keep rising forever, and what’s needed is a smart approach that takes advantage of modern security practices. HPE is focused on delivering the highest levels of security for their customers, but they’re also mindful of the typical budgets companies can afford. Security is a critical investment, and using contemporary approaches to both hardware and software security can prevent the cost and embarrassment of having a system compromised.