“There is evidence that cybercriminals’ revenues often exceed those of legitimate companies – especially at the small-mid range size.”
The ROI for cybercrime is large and getting larger, while the costs to respond/defend/protect are also rising. So there must be a better way if we are to address the growing asymmetry.
Perhaps, while we continue to build our cyber defences so we can safely operate in the digital world, we also need to look at the non-technical side some more. We need some different thinking to work out how to make the economics of cybercrime swing the other way, to make it less economically viable.
Part of the answer is to make things technically more difficult for the criminals, part of it is to ensure we have adequate cyber first responders – our front-line people – who can deter and respond quickly.
What are some of the other parts to this equation?