Online criminal activity has become so pervasive that it is “not a solvable problem” and, rather than focusing exclusively on defensive techniques, organisations are better advised to ensure they have a way to gather and quickly analyse data, the head of a fast-growing local software success story has warned.
Wynyard Group, which was founded in 2012 and raised $100 million in a 2013 initial public offering, has grown rapidly – from around 50 staff to more than 250 people in offices across 4 continents – on the back of surging demand for crime analytics solutions that collate and churn through masses of incident-related information.
The company's solutions are targeted at forensic work and have gained strong support amongst law-enforcement and intelligence communities, with recent wins helping track the US-based 'Felony Lane' gang of fraudsters and a deal with PCSU to use Wynyard's technology for internal fraud analytics.
The tools are designed to not only enable analytics, but to do so within a context of strong governance and forensic controls – and, CEO Craig Richardson told CSO Australia, such controls are increasingly becoming relevant to ever more-complex cybercrime investigations.
“We're not in the network defence game,” Richardson said. “We're in the prevention game – but in our view of the world, the cyber threat is not a solvable problem, it is an unsolvable problem. And, so, corporations and government are moving to consider how they can best manage and reduce the harm it causes.”
Wynyard's technology was, for example, recently selected to be used in conjunction with New Zealand's Child Protection Offender Register, which will be analysed by the New Zealand Police in an effort to predict reoffending.
With sophisticated organised-crime networks offering “more efficient command-and-control networks than most government agencies”, the value of a data-analysis tool in correlating relationships between elements would increase over time in both real-world investigations and investigations into cyber-criminal activity,
This requires sorting through mountains of both structured and unstructured data, sourced from a broad range of systems and stored in a variety of data formats and often produced by a range of statutory authorities. Sourcing this data, in turn, requires a robust defensive framework, with appropriate security tools capable of contributing meaningful data logs.
“Most countries use an approach where they put all the information about offenders in one place and hope it stays up to date,” Richardson said. “They rely on other agencies to keep their data up to date – and this usually falls down.”
The need to take a more proactive approach to the process will be a major component of cybercrime defence as advanced cybercrime activity continues to escalate throughout this year and beyond, Richardson said.
“I think we're just at the dawn of the really sophisticated actors,” he explained. “Whereas before it was a Web site hacked or a few credit cards stolen, we are at the point where you're going to see infrastructure at risk and economies disrupted.”
“Most governments around the world are being quite open about that. They're going to need people pulling data from a number of places to give people responsible for managing offenders, the best chance of intercepting what might go wrong.”
This article is brought to you by Enex TestLab, content directors for CSO Australia.