Skip to content

Situational Cyber Crime Prevention

July 25, 2013

crimeI just made chilli, and to be honest, eating it was the highlight of an otherwise unfulfilling week. It’s been a challenging to get into the swing of having the household to look after, now that Mrs SecurityGeezer has gone away for the summertime, leaving me here with Jasper and Nacho to psycho-analyze. It’s also been a bit of a challenge to get things done in the office. The last year has been spent getting some additional fitout work done there, and it’s just sort of dragged on a little, so now that we’ve imposed a deadline on ourselves, there’s been a lot of little things that have needed to be sorted.

Do you know how difficult it is to find a conference room table in glass that’s longer than 2.4m? Sheesh…

But what is also a somewhat exasperating is the market we’re in. It amazes me that we can work in this industry and this region for all these years, and with the wealth of experience accumulated within the walls of our organization we still frequently look at each other and shrug our shoulders, wondering what on earth will happen next. Life seems to consist of a constant cycle of meeting people you don’t trust but whom you have to take tiny leaps of faith, being introduced to dead-cert opportunities that turn out to be anything but, and working your way through a minefield of products and manufacturers that either don’t work or don’t understand the market.

This is a really nice infographic that popped up on a blog I follow, showing the 300 biggest data leaks in a lovely blobular representation. It feeds neatly into a topic I’ve been discussing a lot lately.

You look at this image and it’s obvious that lots and lots of data has been lost by lots and lots of organisations. These are just the biggest ones, so in amongst the blobs really there are millions of tinier blobs that represent the data loss that’s going on in companies all over the world all of the time. But who’s letting it happen? Security??

No – and this is possibly the most important point I can make in this or any other of my blog posts. Whilst organisations compartmentalize loss prevention into an isolated “Security” response, they will continue to fail to prevent the big blobs from appearing on this infographic.

When supermarkets “lose” tins of beans, it’s because beans that were part of the business’s inventory become not part of the inventory. That can be through theft or errors or damage. Beans that were on shelves move from the shelves to somewhere else. How do you prevent it from happening? Reduce theft by applying strong security methodologies, reduce errors by applying strong accounting methodologies, reduce damage by applying strong management methodologies.

When businesses “lose” data you cannot rationalize the situation down to a few simple scenarios. Imagine the business in question is a supermarket, and it loses the data on all of its online delivery shoppers. Same business – totally different problem – totally insoluble through simply implementing strong security, strong accounting or strong management, because the data wasn’t sitting on a shelf.

The uncertainty inherent in many of the more traditional crime prevention concepts resulted in the Situational Crime Prevention methodology developed by Ronald V Clarke. The idea here is that you can’t easily understand the motivations of a criminal, so you cannot outwit him by predicting his behavior. Instead, crime can be prevented by simply removing the opportunity for crime. Remove the asset. Limit access to the asset. Create an environment that discourages the commission of crime or places significant obstacles between the criminal and his quarry.

The end result of Situational Crime Prevention can often be displacement rather than prevention – but from the victim’s perspective, there is nothing wrong with displacement, because at least the victim is somebody else.

I’m proposing a similar set of countermeasures and crime preventing techniques that I’m calling Situational Cyber Crime Prevention.

Over coming blog posts I’m going to explain some of the principles of this approach.

Advertisements

From → Industry Stuff

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Shireen Writes

About Anything and Everything

Find Me A Break | Travel Blog in Dubai

Where travel, food and entertainment intersect

Bailey Boat Cat

Adventures of a feline afloat!

Framework

Capturing the world through photography, video and multimedia

Tech

News and reviews from the world of gadgets, gear, apps and the web

Bill Mullins' Weblog - Tech Thoughts

Security and System Tools and Tips. Software Reviews, News, Views, Downloads and Links.

The Past and Present Future

Ken Hinckley's Ideas, Visions, and Opinions on the Research Frontiers of Human Technologies

Live to Write - Write to Live

We live to write and write to live ... professional writers talk about the craft and business of writing

Love and a Six-Foot Leash

One family's adventures with America's forgotten dogs.

TED Blog

The TED Blog shares interesting news about TED, TED Talks video, the TED Prize and more.

%d bloggers like this: