At the EMEA Digital Identity Summit 2019 in London, Chris Parker, ecrime and digital lead, fraud response and recovery at the Royal Bank of Scotland, warned that cyber-criminals will always react and respond to better security methods, and so industry collaboration is key to staying ahead of them.
“There’s an awful lot of change going on, and it’s a cat and mouse game,” he said. “We need to recognize that everything we do [to prevent cybercrime] will cause a reaction [amongst cyber-criminals].”
Parker explained that security efforts have always had to evolve and improve to try and keep data safe from fraudsters, but as they have, attackers have also continued to adapt with new tactics that circumvent any improvements that have been made.
Fraudsters have come to realize, as their infrastructures have been taken down or taken over by law enforcement and their profits affected, “that they are not always the best at doing everything, and so they have started outsourcing their efforts to find experts on the black market.
“It’s taken us to a place where we’ve increasingly got a much better visibility of what’s happening, but fraudsters have found ways in which they can really focus on the skills need they need.”
For that reason, an ‘us alone’ approach to security is not enough to prevent online fraud, and “we need to work across industry with law enforcement and peers.”
There is a lot of value in sharing threat intelligence data with each other, Parker added, because “we’ve seen that by sharing that intelligence and seeing what is affecting your peers before it impacts you, and vice-versa, you gain strength. Fraudsters are doing that – fraudsters are working in groups. If they can work in a collective, then we absolutely have to work as a collective to try and stop them.”