US Cybercrime: On the Rise

Together with the United States Secret Service, CSO magazine, and the CERT Division of the Software Engineering Institute at Carnegie Mellon cybersecurityUniversity the PwC (PricewaterhouseCoopers) published the “2014 US State of Cybercrime Survey“, an annual survey of cybercrime trends. This study reveals that cybercrime is on the rise and most US organizations are not prepared and lack the technology to defend themselves.

According to Tom Ridge, CEO of Ridge Global and the first Secretary of the US Department of Homeland Security, “Cybercrime is a clear, present, and permanent danger. While it’s a permanent condition, however, the actors, threats, and techniques are very dynamic.” In fact, the US Director of National Intelligence has classified cybercrime as the top national security threat, being an even bigger concern than terrorism, espionage, and weapons of mass destruction.

The Survey laid out the following deficiencies in our current system for protecting against cybercrime:

  • Most organizations do not take a strategic approach to cybersecurity spending;
  • Organizations do not assess security capabilities of third-party providers;
  • Supply chain risks are not understood or adequately assessed;
  • Security for mobile devices is inadequate and has elevated risks;
  • Cyber risks are not sufficiently assessed;
  • Organizations do not collaborate to share intelligence on threats and responses;
  • Insider threats are not sufficiently addressed;
  • Employee training and awareness is very effective at deterring and responding to incidents, yet it is lacking at most organizations.

To conclude, the survey outlines the Commerce Department’s National Institute of Standards and Technology’s Cybersecurity Framework and states that although it may be voluntary, it offers significant guidance on how to help organizations identify, implement, and improve their cybersecurity stance.

Article formerly posted at