A listener of my podcast suggested a topic about the internet and law enforcement.
With the predicted cost of cyberattacks being an estimated $6 trillion by 2021, why does it seem there is no one to help the victims of these attacks? Sure, there are regulators like the FTC, but they don’t help catch the bad guys, they’re just there to catch you when you drop the ball.
In most cases when money is stolen from a company or a bank through the internet, little or no money can be recovered and the criminal gets off with your cash. While this may be a good incentive to take cyber security more seriously, why is it like this in the first place?
The answer is, in simple terms, because it’s similar to the Wild West or the 1920’s. I’ve mentioned this in my blog before, but governments and law enforcement are still developing laws and policies for cybercrime, which leaves much room for improvement when it comes to catching criminals.
In the age of gangsters, one of the big problems police had with catching them was the fact that their methods and tools were innovating and upgrading at a much faster rate than what the police could keep up with.
After World War I with the invention of the machine gun, mobsters could easily kill multiple people within a matter of seconds. How could any local sheriff with a revolver keep up?
This was the same with high-speed cars that gangsters could use to outrun police who usually had old cars that were far from capable of catching them. Even the lack of proper laws concerning interstate jurisdiction hindered law enforcement from catching gangsters.
This is exactly what is going on today with cybercriminals and their amazing ability to constantly innovate their methods and strategies (you can read more about this unique aspect of cybercrime in my book, Fire Doesn’t Innovate). In fact, bank robbery wasn’t driven down to low rates until the 1990’s when bank branches finally had everything they needed to effectively stave off robbers.
This is essentially the current state with law enforcement and cybercriminals. Information security officers are low in supply, new lingo and planning methods are constantly evolving, and the internet is a totally different playing field than the physical world where most crimes used to be committed.
The police are playing catch-up, and as a consequence will not be much help. This is just more incentive for you to get serious about your company’s cybersecurity so you don’t get burned because unfortunately, a medic will not come. Think of it like the Wild West, a place with no sheriff to enforce the laws. It’s just you and your firewalls.