According to RSA head of anti-fraud services Daniel Cohen, fighting cyber criminals is all about collecting and using data wisely.
He said: “This includes collecting data on user behaviour, data on the device itself and external threat intelligence. You want to do it in real time or in as near to real time as possible to identify malicious activity.”
Cohen believes the more data organisations are able to collect, the better their analytics engines are and the more accurate they become.
He added: “Our analytics are stopping 98% of fraud, which means fewer than 1% of users are having to answer queries to determine if transactions are fraudulent or not.”
Cohen is confident this approach is absolutely necessary, in light of the transition to crimeware services as part of the industrialisation of cybercrime – which appears to be enabling criminals to go around most traditional defences.
Back in 2013, cyber criminals moved on from malware kits that had to be set up by users, to crimeware services such as GameOver Zeus and Dyer.
Cohen said: “Traditional business differentiators, such as customer service, have migrated to the underground – if the stolen credit card you just bought has been cancelled, you’ll get a refund.
“Other business concepts, such as innovate-to-stay-ahead, are also becoming commonplace among cyber crime-as-a-service suppliers.”
Cohen believes organisations should not panic in the face of unprecedented cyber threats.
He added: “Instead, ensure you are aware of what is happening in the digital world and that you are able to assess risk properly so your most important assets are protected.”