Travo Cyber Summit: Global Cyber Alliance stresses importance of basic cyber hygiene

Travo Cyber Summit: Global Cyber Alliance stresses importance of basic cyber hygiene

Terry Wilson, the alliance's global partnerships director, says firms can be bewildered by the choice of solutions but that it's vital that industries work together with law enforcement to shit down criminal gangs

The counter-cyber fraud industry was encouraged to show firms what they need to do to improve the take up of basic hygiene measures for protecting firms from attacks.

Terry Wilson, global partnerships director, at the Global Cyber Alliance told the Travolution Cyber Summit, said all firms and all industries should work together to combat the problem.

But he said there can be a bewildering array of solutions which cyber specialists offer which can leave companies vulnerable because they have not implemented basic cyber hygiene.  

“The failure to perform basic cyber hygiene features in a very high proportion of cyberattacks,” Wilson said.

 “The one thing that still frustrates me is the cyber industry tells you what you need to do and you go away and say I’m going to implement that and go online and it’s like a candy store, there’s so much out there. What do you use? What’s the most effective for you?

“The cyber security industry not only needs to tell people what to do but show people how to do it. What we’ve tried to do is show people how to do that.”

Working with the cyber security industry, the GCA targets small to medium sized businesses that do not have awareness or funding.

The not-for-profit group was formed in 2015 by the Manhattan District Attorney’s Office, City of London Police and the Centre for Internet Security. Seed funding came from the international proceeds of crime.

Today 150 partners worldwide including private companies and governments an offices in London, Brussels and New York.

“Our mantra is do something and measure it. Use actionable free tools that can be used and can be scaled,” Wilson said.

THE GCA operates two broads programmes: Internet Integrity at enterprise level; and Capacity and Resilience that provides toolkits for individual businesses.

Under the first one of the areas it works on is improving domain trust by hosting a platform where firms can identify suspect domains so they can be taken down.

Under the second programme the GCA has created a Cyber Security Toolkit for Small Businesses sponsored by Mastercard that offers free solutions. “These are the basics that are designed to help you,” Wilson said.

Over a four-year period when at the Metropolitan Police’s e-Crime Unit, Wilson’s team was responsible for the arrest over 550 cyber criminals globally, having designed and implemented the UK’s response to cybercrime.

“If you want to own a mansion at the end of a dirt track in Siberia you’re welcome to it, but they don’t, these criminals…they fly around the world with the proceeds of their crimes,” he said.

Recently the Ukrainian suspected ringleader of a cybergang known as the JabberZeus Crew which Wilson’s team dismantled in 2013, known as ‘Tank’, was eventually arrested in Geneva.

Wilson said this shows how all firms and industries must work with law enforcement to build up trust and to share information.

“The moral of that story is to be case ready. It’s remiss of industry not to attribute where you can to work with law enforcement, to build that trust to identify these people to build the cases and then park them…and wait for them.”

“We achieved through working in partnership with various sectors £1.01 billion financial harm reduction to the UK as a result of interventions around the world and that was independently assessed by the London School of Economics.

“The positive around this is we’ve got to work together. It’s trust building within sectors, cross sectors working with law enforcement, sharing information, implementing best proactive and doing things that doesn’t have to be really expensive.”