IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Hackers 'are no longer winning', says KPMG cyber chief

Despite progress over the past two years, a wealth of threats still plague both the public and private sectors

Hacker in the shadows

Hackers are 'no longer winning the cyber crime war' following years of public and private investment and cross-industry collaboration, according to KPMG's global head of cyber futures David Ferbrache.

The nation's cyber resilience against hackers has improved over the past two years, with joint operations between law enforcement and the private sector frustrating opportunities for criminals to profit from cyber crime.

Speaking at a London technology forum on Thursday, Ferbrache said: "I'm not sure they quite are [winning the war], curiously... I would have given you a different answer two years ago."

"The takedown operations by law enforcement in conjunction with tech firms, telecoms, financial services are getting better, faster and more disruptive in terms of some of the things that the dark web sites use for trading information," he said.

He also said that active defence measures taken by the National Cyber Security Centre, that are being used to protect the wider population who cannot be expected to implement advanced cyber security protocols, are also very effective at keeping the bad guys at bay.

It's also becoming increasingly difficult to hack modern systems, something he observed during his time as red team exercise leader at the professional services firm, he explained.

"It's actually getting harder to break into well-configured systems than it used to be. I used to run the red team penetration testing for KPMG as well and our job was getting harder."

He added it's the systems that aren't well-configured that worry him the most, such as easily discoverable routers left with their default passwords unchanged.

Echoing the tone of the Westminster eForum discussion around the UK's cyber security capabilities, Fiona Boyd, head of cyber security operations at Fujitsu EMEIA, described the fight against hackers as "a constant war of attrition".

Boyd cited figures from the Student Loans Company, which in 2015 reported three cyber attacks on the business. A year later, that rose to 95, and in the fiscal year 17/18 that rose to 965,000.

Although Ferbrache said things are getting better, there was agreement on the panel that pervasive threats still threaten the cyber security of both the public and private sectors in the UK.

Smart malware

Jeremy Watson, professor of engineering systems at University College London (UCL), said that he was "excited" at the prospect of smarter, AI-powered cyber defence tools becoming available, but added AI-driven malware is already a threat.

"At UCL we've been looking at how AI can shape an attack system for industrial control systems and been able to show that it is possible to do that as well as to defend," said Watson. "So, if we can do that from an academic point of view then clearly people with malintent and the resources can do it in other ways."

Speakers added that 'secure by design' protocols should be implemented as soon as possible to help secure the growing internet of things (IoT) industry, which is set to explode as manufacturers capitalise on the demand for smarter devices.

This would include the creation of new business models to make securing IoT devices more attractive for manufacturers, according to Watson.

However, the panel warned that without legislation compelling manufacturers to bake security measures into the device as standard, it becomes a difficult task.

"If you look at the darker side of some security, it's like selling the absence of the negative - it isn't necessarily an easy sell," said Watson.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Hackers could use new Wslink malware in highly targeted cyber attacks
malware

Hackers could use new Wslink malware in highly targeted cyber attacks

1 Nov 2021
FBI raids Chinese POS business following cyber attack claims
malware

FBI raids Chinese POS business following cyber attack claims

27 Oct 2021
Malware developers create malformed code signatures to avoid detection
malware

Malware developers create malformed code signatures to avoid detection

24 Sep 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Samsung proposes 11 Texas semiconductor plants worth $191 billion
Hardware

Samsung proposes 11 Texas semiconductor plants worth $191 billion

21 Jul 2022
Should you take your password manager off the internet?
Sponsored

Should you take your password manager off the internet?

28 Jul 2022