Cyber Crime

Over the last year, we have reached a new and important turning point in the struggle to manage cyber risk. In the war between cyber attackers and cyber defenders, we have reached what Winston Churchill might call “the end of the beginning.”
Three characteristics mark this new phase. First, global cyber-crime has reached such a high level of sophistication that it represents a mature, though illicit, global business sector in its own right.
Second, with near-ubiquitous technologies now connecting the digital and physical worlds to an unprecedented degree, new potential exists for individual cyber-attacks to devastate critical business and operational processes.
The third characteristic taking shape today is the rising importance of institutions—governments, regulatory authorities, law enforcement agencies, the insurance industry, and others—as a critical to counter the global cyber threat. Cyber risks can only be effectively dealt with if there is a common understanding of their importance and increased interconnected nature.
Against this backdrop, the 2018 edition of the MMC Cyber Risk Handbook provides insights on the shifting cyber threat environment, emerging global regulatory trends, and best practices in the journey to cyber resiliency. The handbook features articles from business leaders across Marsh & McLennan Companies and our expert and notable collaborators. We hope this handbook will help you better understand what it takes to achieve cyber resiliency in the face of this significant and persistent threat.

Global cyberspace is undergoing fundamental change. There are now frequent references to a “fragmentation of the Internet”, but many European and international working groups are also increasingly aware that “a free, open and at the same time secure Internet” is a global public good. However, the political rules adopted for International and European cyber policies and cybersecurity policies will always lag behind technological developments. It is the more important, therefore, to subject these rules to the over-arching norm of due diligence in cyberspace, and to do so on the national, European and international levels. This generates three requirements for Germany’s future strategic orientation in cyberspace:
- European cooperation: integrating national policies into the European framework;
- Inclusiveness: giving different interest groups broad and publicly accessible representation in formulating policies;
- Civilian response: prioritising the civilian component over the military component, particularly in times of peace.

However, Germany’s major partners are confused as to what goals precisely it is pursuing in cyberspace. It is therefore advisable for Berlin to improve its coordination and communication of responsibilities at the national and EU levels, be it on issues of Internet Governance, the fight against cybercrime, or cyberdefence.

In 2030, will the Internet and related information and communications technologies (ICT) continue to drive global innovation and prosperity? Or, will that bright promise be swamped by an unstable and insecure Internet, so overwhelmed by non-stop attacks that it has become an increasing drag on economic growth? The answers, as far as we can predict, are not promising and mean the difference in tens of trillions of dollars in global economic growth over the next fifteen years.
So far, cyberspace has been safe enough, secure enough, and resilient enough for the past decades to re-invent nearly every industry, create a ’hyperconnected world,’ and transform the global economy.

This report outlines key driving factors for the evolution of serious and organised crime in the EU. The document describes these key drivers, their impact on serious and organised crime and the potential impact on individual crime areas and organised crime groups (OCGs). It does not claim to make definitive predictions or provide a complete picture of crime in the future, but rather aims to outline plausible developments and to encourage law enforcement authorities to consider and explore the potential evolution of serious and organised crime.

The report opens with a discussion of Europe's changing criminal landscape and the key drivers that will impact on serious and organised crime over the next decade. The key driving factors presented in this document were inspired by the Serious and Organised Crime Futures Forum held at Europol in March 2014. The Forum brought together experts from government, the private sector, think tanks and international organisations as well as a large number of law enforcement experts from various Member States and third states associated with Europol. In a two-step process, all participants first identified key driving factors in the environment. Law enforcement professionals then engaged in discussions to outline the potential impact of these factors on serious and organised crime. The report focuses on those key drivers with the most profound impact on serious and organised crime in the future. These fall within two categories, technology and socio-economic developments, and are each dis-cussed by focussing on their general impact and their impact on serious and organised crime specifically.

In addition to exploring potential developments in serious and organised crime, the report also provides a view on the future of law enforcement and how law enforcement authorities across the EU and on a global level may seek to counter and contain organised crime activities over the next decade.

Project 2020 is an initiative of the International Cyber Security Protection Alliance (ICSPA). Its aim is to anticipate the future of cybercrime, enabling governments, businesses and citizens to prepare themselves for the challenges and opportunities of the coming decade. It comprises a range of activities, including common threat reporting, scenario exercises, policy guidance and capacity building.

The scenarios in this document are not predictions of a single future. Rather, they are descriptions of a possible future, which focuses on the impact of cybercrime from the perspectives of an ordinary Internet user, a manufacturer, a communications service provider and a government. The events and developments described are designed to be plausible in some parts of the world, as opposed to inevitable in all. They take their inspiration from analysis of the current threat landscape, the expert opinion of ICSPA members and extensive horizon scanning, particularly of emerging technologies.