Stuart Aston, Microsoft’s UK national security officer, says that over the last few years, cybercrime has reached a tipping point. “Representing more than half of all reported UK crime, it costs the average UK business over £4 million every year,” he explains.
But, he says, that constant steady (albeit exponential) rise in volume, variations and severity of attacks isn’t the main driver of awareness for executives. “The current spotlight on state-sponsored attacks threatening global economic and political stability will bring much more attention to the issue: from cybercriminals seeking to exploit this opportunity, to solution providers focused on prevention, to the public sector and commercial organisations increasingly at risk from attack.”
In order to get a sense of the breadth of threat mitigation governments and businesses have to consider, Aston advises us to take a look at the how some of the government’s £1.9 billion investment in the National Cybersecurity Strategy is being spent. He points towards drone-hacking boot camps and a training college for cybersecurity at the famed codebreaking site Bletchley Park as just two examples.
Looking ahead, Aston says the need for better security will only grow. “We will continue to have more connected things (phones, drones, home appliances, toys, etc) creating exponentially more data and more exploitable nodes,” he explains. “As such, solution providers will invest heavily in artificial intelligence to keep this data secure. This means looking at everything from the devices we use (for example, advanced facial recognition and other biometrics) to international networks using machine learning to detect threat patterns using huge data sets.
“In 2017, much of this advanced cybersecurity functionality will fade into the background: an assumed part of the services consumers and businesses, but – given the global impact of cybercrime last year – it will also provide organisations the opportunity to renew their interest in staying current (the curve keeps moving too fast to stay 'ahead') with the policies and solutions to help them protect against, detect and respond to security threats.”