Light Dark
July 16, 2018 By Caleb Barlow 4 min read
Artificial Intelligence
CISO
Fraud Protection

In recent years, we’ve seen ample evidence of our collective cybersecurity failures. But we still haven’t learned the most important lessons.

To start, there is no silver bullet — no single technological fix. What’s more, while cybercriminals have been coordinating in organized groups, we have been trying to fight cybercrime in silos. If we are going to beat back the advances of cybercrime, we need better collaboration within the cybersecurity industry, with shared intelligence across public and private sectors.

We must focus more on responding to the inevitable “boom moments” after a breach occurs, not just what comes “left of the boom,” the prevention and detection of threats. Furthermore, we need a drastic elevation of cybersecurity skills and awareness.

On that last point, we need to raise the level of cybersecurity awareness — not just to protect our businesses, but among the general population. Our families and friends must understand what we’re up against and become knowledgeable of security hygiene to deny cybercrime organizations the victims they need to finance their operations.

That’s why I’m so proud that IBM Security teamed up with Atomic Entertainment and Science Channel to create a documentary special that explains, in provocative detail, what we’re up against.

Go Behind the Scenes of the Fight Against Cybercrime

Dark Web: Fighting Cybercrime” — airing on Science Channel at 5 p.m. EDT on Thursday, July 19 and available afterward on-demand — brings to a mass audience a close encounter with the dark corners of the internet and offers insights into the history of cybercrime and where it’s headed. Better yet, the film goes behind the scenes of the fight against cybercrime, bringing you right inside a security operations center (SOC) to witness a simulation of a cyberattack and the challenges of responding in the moment to stop the “bleeding” and mitigate further damage.

Take a peek inside the dark world of cybercrime

I’ve been a part of hundreds of these simulations in our IBM Security X-Force Command Centers, and I have seen many accomplished and smart executives grappling with a kind of pressure few have experienced before.

When you watch the Science Channel special, you’ll see why practice runs are essential for security teams and business leaders to understand how to respond to an attack. While first responders and military service members train rigorously to deal with threats, the same can’t be said about organizations under threat of cyberattacks.

Just think about the training and preparation a military pilot goes through — hundreds of hours in simulators and in classroom training. But business leaders today are taught to be deliberate in their decisions, to pause and collect all the data before acting. That’s about the worst thing you can do when there’s a breach. After the boom, you need to act right away to prevent a bad situation from becoming worse.

Learn How to Keep Calm in the Face of a Cyberattack

Many of the people who go through the simulations in our command centers can become flustered and discouraged, despite being highly capable leaders. When the CEO who normally acts with confidence when making business decisions is suddenly thrust into the unknown of a cyberattack, the fight-or-flight adrenaline makes decision-making extremely difficult, and he or she starts to make mistakes.

It’s like trying to learn a new sport: You are bound to fail at first, but it’s by failing that you learn. And it’s far better to strike out or miss a tackle in practice than in a real game.

For many of our clients, it’s very apparent that rehearsing these situations is essential to honing their crisis leadership. By experiencing a simulated cyberattack, teams build muscle memory of what to do and with whom to communicate. By incorporating what they’ve learned, leaders can go back to their organizations and script their responses to automate as much of the decision-making process as possible. You can act faster and more effectively when the rules are written down, processes are established and everyone understands their job.

As the Science Channel special demonstrates, there’s a common thread among successful teams in our cyber ranges, and that’s the calm and collected leadership of people with backgrounds in the military or first responder jobs.

We need more of these disciplined and quick-acting men and women in cybersecurity. But the traditional way of recruiting cybersecurity staff — finding experienced professionals with a background in cybersecurity, college degrees and information security certifications — can overlook nontraditional candidates who can nonetheless do the job. At IBM Security, we’ve advocated and put into practice a “new collar” approach to recruiting professionals. It means looking beyond credentials to find individuals with the skills, aptitude and attributes to adapt to new cybersecurity roles.

Why I’m Optimistic About the Future of Cybersecurity

Unfortunately, there’s a lot of pessimism right now about the acceleration of threats, mounting breaches and exploding costs of incorporating a wide array of disparate and disconnected security technologies into IT environments. Yet, I am optimistic, because we do not have to fight alone.

By collaborating across organizations and within the security industry, we can limit the spread of threats through shared insights and intelligence. Together, the cybersecurity industry and our partners can simplify security by integrating our solutions, because complexity is the enemy of security.

We also have a new partner that can help turn the tide in the fight against cybercrime: artificial intelligence (AI). By advancing the security applications of AI, we create a force multiplier, because automating tasks and limiting false positives frees up human analysts to make critical decisions faster.

Finally, it bears repeating that we must create more allies in this fight by educating our employees and the general public about threats to their online privacy and security. I think “Dark Web: Fighting Cybercrime” does a standout job of doing just that.

Whether you’re a security professional, business executive or concerned citizen of our digital world, you’ll gain valuable perspective from this fascinating documentary. Check out the trailer below to get a taste of the action, and watch “Dark Web: Fighting Cybercrime” on Science Channel at 5 p.m. EDT on Thursday, July 19, and later on-demand. Get your friends and family members to watch too — after all, we’re all in this fight together.

https://www.youtube.com/watch?v=NJRYJ2MfxWw

Take a peek inside the dark world of cybercrime

 |  |  |  |  |  |  |  |  |  |  |  |  |  | 
Caleb Barlow

More from Artificial Intelligence
January 29, 2025

AI and cloud vulnerabilities aren’t the only threats facing CISOs today

6 min read - With cloud infrastructure and, more recently, artificial intelligence (AI) systems becoming prime targets for attackers, security leaders are laser-focused on defending these high-profile areas. They’re right to do so, too, as cyber criminals turn to new and emerging technologies to launch and scale ever more sophisticated attacks.However, this heightened attention to emerging threats makes it easy to overlook traditional attack vectors, such as human-driven social engineering and vulnerabilities in physical security.As adversaries exploit an ever-wider range of potential entry points…

January 24, 2025

Are successful deepfake scams more common than we realize?

4 min read - Many times a day worldwide, a boss asks one of their team members to perform a task during a video call. But is the person assigning tasks actually who they say they are? Or is it a deepfake? Instead of blindly following orders, employees must now ask themselves if they are becoming a victims of fraud.Earlier this year, a finance worker found themselves talking on a video meeting with someone who looked and sounded just like their CFO. After the…

January 17, 2025

How to calculate your AI-powered cybersecurity’s ROI

4 min read - Imagine this scenario: A sophisticated, malicious phishing campaign targets a large financial institution. The attackers use emails generated by artificial intelligence (AI) that closely mimic the company's internal communications. The emails contain malicious links designed to steal employee credentials, which the attackers could use to gain access to company assets and data for unknown purposes.The organization's AI-powered cybersecurity solution, which continuously monitors network traffic and user behavior, detects several anomalies associated with the attack, blocks access to the suspicious domains…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature