cybercrime

Category

Posts

GCA Press Release

More than $10 Billion in Data Breach Losses Over Past Five Years from the Studied Incidents Might Have Been Prevented, and $150 To $200 Billion in Global Losses from Cybercrime


NEW YORK, June 12, 2019 — New research from the Global Cyber Alliance (GCA) has found that Domain Name System (DNS) firewalls, also known as protective DNS, which are freely available and easy to install, could prevent 33% of cybersecurity data breaches from occurring.

Through a simple tweak, DNS firewalls leverage threat intelligence from cybersecurity companies and/or public sources to automatically prevent users from visiting known malicious sites. Most often consumers visit a malicious site when they click on a malicious link or mistype a legitimate web address.  Malicious software on a computer or phone can also cause a visit to a malicious site.

According to Verizon’s long-running and industry-leading Data Breach Investigations Report, there were more than 11,000 confirmed data breaches collected and analyzed over the past five years. Independent researchers Shostack & Associates and Cyentia Institute working with GCA were able to determine that 3,668 of those breaches would have been potentially thwarted if users had a DNS firewall deployed.

“The constant stream of breaches has unfortunately caused many small businesses and consumers to simply accept cyber-attacks – that no matter what they do they cannot protect themselves,” said Philip Reitinger, President and CEO of the Global Cyber Alliance. “However, there are many easy-to-implement steps that can prevent businesses and consumers from being another notch in the belt of a hacker. Our research shows that protective DNS services are among the most valuable.”

According to the study, DNS firewalls might have prevented $10 billion in data breach losses over from the 11,000 incidents in the past five years. And the actual figure may be more – the researchers were unable to measure every case where a DNS firewall could have protected the victim, and their estimate of the financial impact is probably biased low.

Finally, as DNS firewalls might affect one-third of cyber incidents, and with current estimates of the scope of cybercrime, DNS firewalls might play a role in stopping $150 to $200 billion in losses every year.

DNS is the “phone directory” of the Internet as it translates human readable names like globalcyberalliance.org into computer addresses – a string of numbers otherwise known as an IP address. In order to access websites on the Internet, your computer must leverage a DNS service that is usually configured by your Internet Service Provider or your network administrator.

“I’ve always been a big fan of DNS-based controls, and I’m glad to see GCA doing something like this. There are relatively few security measures that address so many threats for so little cost and effort. I’ve configured all my home devices to use Quad9, and I suggest you give it a look as well,” Wade Baker, Ph.D., Partner, Cyentia Institute.

The Global Cyber Alliance, in collaboration with IBM and the Packet Clearing House, developed and launched Quad9, a free DNS security service that blocks known malicious domains, preventing computers and Internet of Things devices from connecting to malware or phishing sites.

A fully detailed report that highlights the GCA methodology and research findings can be found in the following report:  The Economic Value of DNS Security.

###

About the Global Cyber Alliance

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org.

 

 

Stifel headshot

Stifel headshotThis week GCA adds another cybersecurity notable to its roster – Megan Stifel. Megan will serve as Senior Policy Counsel, where she will advise on cybersecurity policy issues, work with GCA’s US-based partners, and help drive deployment of GCA solutions.

Megan comes to GCA from Public Knowledge where she served as the Cybersecurity Policy Director and ran a cybersecurity operations and policy consulting firm, Silicon Harbor Consultants. Megan, an attorney, has deep roots in cybersecurity. She served as Senior Policy Advisor with Technology for Global Security, is a Senior Fellow in the Atlantic Council’s Cyber Statecraft Initiative and a Visiting Fellow at George Mason University’s National Security Institute. Her background includes time in government as Director for International Cyber Policy at the National Security Council, Director for Cyber Policy in the National Security Division, and as counsel in the Criminal Division’s Computer Crime and Intellectual Property Section at the US Department of Justice.

“I am very pleased to announce that Megan Stifel is joining GCA as it’s Senior Policy Counsel,” said Philip Reitinger, President and CEO of the Global Cyber Alliance.  Megan’s experience at the US Department of Justice and on the National Security Council, addressing international cybersecurity policy issues and helping stem cybercrime, will add new muscle to GCA’s efforts to mitigate global cyber risk.  Like GCA, Megan is a ‘doer,’ and that’s what we value most.”

“I’m honored and excited to join the GCA team at a critical time in international engagement on cyber issues,” said Megan. “I look forward to bringing my experience to support and expand GCA’s practical and effective approach of Do Something. Measure It. to reduce cyber risk and evolve a more sustainable Internet ecosystem.”

Megan also has experience in private practice, and prior to law school she worked for the US House of Representatives, Permanent Select Committee on Intelligence.

Toolkit Screen

Free, online resource helps drive immediate action to significantly reduce their cyber risk


NEW YORK, February 19, 2019 — The Global Cyber Alliance (GCA) and Mastercard today released a new Cybersecurity Toolkit specifically designed for small and medium businesses. This free online resource is available worldwide and offers actionable guidance and tools with clear directions to combat the increasing volume of cyberattacks.

Some estimates indicate that 58 percent of cyberattacks are targeted against small businesses[1]. These attacks include phishing, malware and ransomware – all of which can have devastating financial consequences. According to the Organisation for Economic Co-operation and Development (OECD):[2]

  • Small businesses account for 99 percent of businesses globally, including businesses in the US, EU, and the UK.
  • Small businesses account for 70 percent of jobs, on average.
  • Small businesses generate more than half of the value added by most economies.

Resourcing small businesses with tools to protect themselves from ever-evolving cyber risks not only strengthens their individual businesses but also supports the health of the entire commercial ecosystem, including governments and larger companies. Helping these small businesses be more secure by taking a few reasonable steps will significantly reduce risk for both the small business and its partners, no matter their size or resources.

The GCA Cybersecurity Toolkit arms small business owners with basic security controls and guidance, including:

  • Operational tools that help them take inventory of their cyber-related assets, create and maintain strong passwords, use multi-factor authentication, perform backups of critical data, prevent phishing and viruses, and more
  • How-to materials, such as template policies and forms, training videos, and other foundational documents they can customize for their organizations
  • Recognized best practices from leading organizations in the industry including the Center for Internet Security Controls, the UK’s National Cyber Security Centre Cyber Essentials, the Australian Cyber Security Centre’s Essential Eight, and Mastercard

“What sets the Global Cyber Alliance Cybersecurity Toolkit apart is that it is an action kit,” said Philip Reitinger, president and CEO of Global Cyber Alliance. “Our focus is on producing a dynamic clearinghouse of operational tools that help small and medium businesses address risk and improve their cybersecurity posture, leveraging the deep expertise of our network of global partners, such as Mastercard, and the experiences of actual GCA toolkit users.”

As a Development Sponsor, Mastercard has shaped the priorities and early success of the GCA Cybersecurity Toolkit, helping to make it accessible to millions around the globe.

“Safety and security are core to our brand,” says Ron Green, chief security officer, Mastercard. “Every day, we are committed to developing new and better ways to keep payments safe – especially for small businesses, the lifeblood of any economy. By partnering with the Global Cyber Alliance, we’re helping entrepreneurs and business owners to better protect themselves. In that way, they can stay focused on what they do best: running and growing their business.”

The Global Cyber Alliance has partnered with several additional organizations to create the GCA Cybersecurity Toolkit, including the Center for Internet Security, the Cyber Readiness Institute, the City of London and the City of New York. The toolkit will also be regularly updated with input from users, industry experts, and public and private partners across the globe.

“I applaud the deployment of a cyber toolkit for small and medium businesses. This support is of critical importance to help smaller organizations effectively deal with increasingly complex and more frequent cyber threats,” said John Gilligan, president and CEO of the Center for Internet Security.

City of London Police Commissioner Ian Dyson said, “As the national lead force for fraud and a founding member of the Global Cyber Alliance, we are always pleased to see new initiatives that will assist businesses in improving their cyber security. Businesses lost £6.7 million as a result of social media and email accounts being compromised between April and September 2018. It’s therefore essential that we, as a force, continue to work closely with businesses as well as the organisations that serve to protect them.”

“When we launched the Global Cyber Alliance we set out to empower organizations of all sizes with the tools they need to prevent cybercrime. The Global Cyber Alliance’s free Cybersecurity Toolkit provides small- and medium-sized businesses with immediate, concrete steps to protect their companies and customers against crippling cyberattacks, and I thank each of the public and private partners who contributed their world-class expertise,” said Cyrus Vance, Jr., Manhattan District Attorney.

“NYCEDC is proud to partner with the Global Cyber Alliance on the Cybersecurity Toolkit to better educate small businesses about the risks of cyberattacks. Small businesses play a critical role in New York City’s economy and represent an underserved customer base for cyber education and technologies,” said Nicholas Lalla, project lead for Cyber NYC, at the New York City Economic Development Corporation (NYCEDC).

Cyber NYC is a $100 million public-private investment to build a vibrant and inclusive cybersecurity ecosystem.  On November 1, 2018, the NYCEDC launched their Cybersecurity Moonshot Challenge, asking the industry to develop and deliver affordable and scalable cybersecurity solutions for small businesses.  As part of their partnership with the Global Cyber Alliance, finalists will be considered for inclusion in the GCA Cybersecurity Toolkit.  New York City will promote the free toolkit to New York City businesses through NYC Secure.

Managing Director of the Cyber Readiness Institute Kiersten Todt said, “The Cyber Readiness Institute is so pleased to support and collaborate with the Global Cyber Alliance on helping small businesses reduce their cyber risk.  Our approaches are complementary, and our partnership highlights the importance of integrating the multiple cybersecurity efforts that exist to ensure efficiency and effectiveness for small businesses.  I look forward to what our organizations will achieve together.”

The Global Cyber Alliance will expand the Cybersecurity Toolkit to help other sectors address the changing cyber threat landscape. Additional launches are planned this year with support from the District Attorney of New York, Craig Newmark Philanthropies, Corporation of London, Center for Internet Security and others.

To access the GCA Cybersecurity Toolkit, visit https://gcatoolkit.org/smallbusiness.

To read more about what our partners and small businesses are saying about the GCA Cybersecurity Toolkit, visit our blog.

###

About the Global Cyber Alliance

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect.  Learn more at www.globalcyberalliance.org.

 

About Mastercard Incorporated
Mastercard (NYSE: MA), www.mastercard.com, is a technology company in the global payments industry. Our global payments processing network connects consumers, financial institutions, merchants, governments and businesses in more than 210 countries and territories. Mastercard products and solutions make everyday commerce activities – such as shopping, traveling, running a business and managing finances – easier, more secure and more efficient for everyone. Follow us on Twitter @MastercardNews, join the discussion on the Beyond the Transaction Blog and subscribe for the latest news on the Engagement Bureau.

 

 

[1] 2018 Verizon Data Breach Report

[2] OECD