The reporter was nearly screaming at me: “I don’t have time for SecureMail! Just give me the #$%^& file!”
I explained that SecureMail is part of our multi-layer security strategy at COCC, and that many more measures are in place to thwart the increasing complexity and effectiveness of cybercrime attacks. We filter web traffic, encrypt emails, monitor system logs, and much, much more. It didn’t matter. I was wasting the reporter’s time.
Several days later, I read about a bank that discovered that as many as 100 user names and passwords on high-profile business accounts had been exposed. The customer service representative who managed these accounts had responded to a spear phishing email. When she clicked on the email, her PC was infected with a program that hunted down her system credentials and transmitted them to criminals, who then tried to wire money out of the accounts.
How did the bank discover the breach? By following routine security procedures – the type that so annoyed the reporter above. A bank staffer in the wires department had noticed a wire transfer request addressed to an unknown account outside of the bank.
By alerting others, this person helped the bank prevent any money from leaving the customer’s account and, in so doing, shut down the cybercrime operation altogether. Just by following procedures. Just by avoiding the temptation to scream about inconvenient security measures.
The fact is that security procedures work against a very real threat. The 2012 Norton Cybercrime Report estimated that 556 million victims were falling prey to cybercrime. That’s 1.5 million victims per day or 18 victims per second. I believe the number has grown in 2013.
Still, a Lancope survey, published in a recent Infosecurity article, has revealed that nearly two-thirds of organizations believe that they have either not experienced any security incidents over the last 12 to 18 months, or are unsure whether they have or not.
Why the disconnect? Because there is a vast world of cybercrime beyond the “in-your-face” attacks by hacktivists such as WikiLeaks.
Advanced persistent threats (APTs) use sophisticated methods to quietly infiltrate an organization’s network and gain access to valid credentials, which allow criminals to sabotage IT resources or steal confidential data. That’s why an organization can be the victim of an APT attack for months or even years before becoming aware of it.
False Sense Of Security
Many organizations have a false sense of security, believing that their commercial endpoint antivirus software, coupled with perimeter defenses such as network intrusion prevention systems, will protect them against most cyber attacks. The fact is that attackers not only know this formula – they test their exploits against commercial security solutions before distributing them, to ensure that they will escape detection.
Of course, every APT has an Achilles’ heel. To complete the crime, the APT has to send the stolen data back to the criminals. This network activity, as well as the APT’s attempts to explore the network in search of data, provides opportunities to identify and halt the threat. That’s why extensive monitoring of outbound network traffic is so essential to your institution’s cyber security.
By collecting and analyzing outgoing data traffic, your security team can greatly increase the likelihood of spotting intrusions and other malicious activity. Unexpected (aka suspicious) behavior might include a desktop scanning ports or a file server sending traffic outside of the network. When performed without permission, these activities should trigger alarm bells at your bank or credit union.
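The two behaviors named above can be checked against flow records with a few lines of detection logic. The sketch below is an added example, not part of the original article; the flow records are constructed, and the address ranges, host roles and scan threshold are assumptions a security team would replace with its own inventory and tuning.

```python
import ipaddress
from collections import defaultdict

INTERNAL = ipaddress.ip_network("10.0.0.0/8")   # assumed internal range
ROLES = {"10.0.5.21": "desktop", "10.0.5.22": "desktop",
         "10.0.1.10": "file_server"}            # assumed asset inventory
SCAN_PORT_THRESHOLD = 20                        # assumed tuning value

def build_sample_flows():
    """Constructed flow records: (src, dst, dst_port, bytes_sent)."""
    flows = [("10.0.5.22", "10.0.1.10", 445, 8_000),        # normal file share use
             ("10.0.5.22", "198.51.100.7", 443, 12_000),    # normal web browsing
             ("10.0.1.10", "203.0.113.50", 443, 5_000_000)] # file server -> outside
    # One desktop touching 25 different ports on the same internal host.
    flows += [("10.0.5.21", "10.0.1.10", port, 60) for port in range(20, 45)]
    return flows

def detect(flows):
    """Return sorted alerts as (rule, source, detail) tuples."""
    ports_seen = defaultdict(set)      # (src, dst) -> distinct destination ports
    external_bytes = defaultdict(int)  # (src, dst) -> bytes sent outside
    for src, dst, port, nbytes in flows:
        role = ROLES.get(src, "unknown")
        if role == "desktop":
            ports_seen[(src, dst)].add(port)
        if role == "file_server" and ipaddress.ip_address(dst) not in INTERNAL:
            external_bytes[(src, dst)] += nbytes
    alerts = []
    for (src, dst), ports in ports_seen.items():
        if len(ports) > SCAN_PORT_THRESHOLD:
            alerts.append(("port_scan", src, f"{len(ports)} ports on {dst}"))
    for (src, dst), total in external_bytes.items():
        alerts.append(("server_egress", src, f"{total} bytes to {dst}"))
    return sorted(alerts)

if __name__ == "__main__":
    for alert in detect(build_sample_flows()):
        print(alert)
```

Ordinary desktop activity (one file-share connection, one web request) raises nothing; only the desktop sweeping ports and the file server sending data outside the network are reported.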
As a matter of fact, a careful review of those network logs can actually help your organization discover the perpetrators of the crime. That is, if your organization takes the threat seriously enough to apply resources to protecting itself.
A recent study by the Ponemon Institute on the cost of cybercrime showed that companies that invest in security technology and human resources actually save money in the cybercrime arena compared with companies that don’t.
The press can certainly help the public follow security procedures and pay attention to anomalies. Unfortunately, my impatient reporter friend might be too impatient to encourage these inconveniences anytime soon.
Robert Bessel is the public relations director for Avon, Conn.-based COCC Inc.