14 December 2017
Andre Edelbrock

AndreEdelbrock

Andre Edelbrock - Ethoca

8Posts 33,550Views 1Comments
Information Security

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...
A post relating to this item from Finextra:

Going underground

13 February 2009  |  11285 views  |  2
face-pointer81159.jpg
Kimberly Kiefer Peretti from the Computer Crime and Intellectual Property Section of the US Department of Justice probes the shady world of 'carding' and the organisations behind large-scale data brea...

Cybercrime Czar? Government bailout for cybercrime?

01 June 2009  |  4591 views  |  0

Barack Obama announced last week that there will be a new Cybercrime Czar in the US reporting directly to the president. We wonder what, if any good that will do. Can he/she be more than a figurehead when the crimes they want to stop originate in the Ukraine or Bulgaria or Indonesia? Will they attempt to burden us with more ineffective regulation? Will they prescribe government ordained solutions that deal with the problems of 6-12 months ago, rather than let the free market respond with solutions in real time? We don't know, but the fact that Obama's servers were hacked during his much-touted social media-driven campaign gives some insight into why he believes this is so important.

Cyber-banditry long ago outgrew the notion of the solo, acned, 17 year-old hacker in his parents' basement, and is now recognized as being a truly global criminal enterprise.  And while international cooperation is important, depending on governments to protect data privacy and security will only go so far.  Critical differences in national laws for investigation, prosecution and conviction stand as ready-made barriers to effective international cooperation.  Attaching penalties to mishandling of sensitive data makes sense, but depending on governments for comprehensive oversight is a flawed strategy.  And this presumes that all jurisdictions care enough about cybercrime to have laws on the books.

For example, in some jurisdictions, data can be used to make a case, but not prosecute.  An article at mondaq.com authored by Prokauer Rose LLP, 'European Union: EU Data Privacy Agency Adopts Recommendations On Reconciling EU Data Privacy Requirements With U.S. Litigation Rules', highlights how differences in jurisdictions' data privacy laws between the EU and US can heavily constrain prosecutors.  Commerce is global, and crime is global - but anti-crime laws remain national and sometimes even more localized, with state and provincial laws able to hamstring international investigations and prosecutions.

To understand just how global and insidious cybercrime has become, every CIO, CFO and every executive of companies doing business on the internet should read Kimberly Kiefer Peretti's detailed review of carding's hidden world.  The extensive professional organizations carding networks now operate have long range implications for national and international security well beyond the financial/commercial world.

As a recent Gartner study and other 2009 reports from the Identity Theft Resource Center make clear, data breaches have wide implications in direct fraud, delayed, multi-pattern fraud, and the scope and scale of breaches, with accompanying frauds clearly on the rise.  The Gartner study also makes clear that the prosecution track records are abysmal.  In this era of exploding government debt we can't expect more resources to come the prosecutors' way. 

With jurisdictional, legal, and economic issues preventing an effective government response, companies and organizations must take greater responsibility for data security and defending against criminal activity themselves, no matter what laws say.  There is no government bailout for cybercrime.

a member-uploaded image TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)

Latest posts from Andre

Payments Fraud Hurts All of Us

02 July 2009  |  3762 views  |  0 comments | recomends Recommends 0 TagsPaymentsRisk & regulationGroupTransaction Fraud Systems and Analysis

CardSystems Case Signals Accountability and Liability Shift

26 June 2009  |  6044 views  |  0 comments | recomends Recommends 1 TagsCardsSecurityGroupTransaction Fraud Systems and Analysis

Cybercrime Czar? Government bailout for cybercrime?

01 June 2009  |  4591 views  |  0 comments | recomends Recommends 0 TagsSecurityRisk & regulationGroupInformation Security

Thinking and Awareness Needed to Stop Crime, Not Just Tech

27 May 2009  |  4492 views  |  0 comments | recomends Recommends 0 TagsSecurityRisk & regulationGroupInformation Security

Andre's profile

job title CEO
location Toronto
member since 2009
Summary profile See full profile »
As CEO and co-founder of Ethoca I drive the strategic direction of the business and business development.

Andre's expertise

Member since 2009
8 posts1 comments
Andre's blog archive
2009 (8)

Who's commenting on Andre's posts