8
THE BEST CYBER DEFENSE
about their human rights efforts . HP is not only responsive to such requirements and inquiries , we ’ re also actively deepening our efforts in communicating and prioritizing human rights due diligence across our value chain .
This work requires many internal stakeholders , like government affairs and public policy , to help review , navigate , translate , and engage with policy makers on behalf of the company . The company also has an internal Human Rights Council with senior leadership across multiple functions that is accountable for driving the company ’ s human rights strategy within their sphere of responsibility .
6 / What can HP employees do to help advance human rights ? Each of us has the power to stand up for human rights and take action , however we can . For employees , the first thing is to learn about
HP ’ s human rights policy . They can also complete internal educational offerings , or they can
donate to human rights organizations .
Externally within their community , people can support and buy ethically made products as another way to make a small , positive dent where they can — particularly with their purchasing power .
7 / As HP ’ s human rights efforts evolve , what does success look like ? Success means executive champions at the highest level , board engagement , and interest in human rights being embedded across HP ’ s value chain . Respecting human rights is everyone ’ s job at HP . My hope is that by viewing it as your job , it ’ ll continue to inspire people , give them purpose , and have them be proud to work for a company that ’ s committed to human rights . — Lauren Grayson
Alex Holland
Senior Malware Analyst
$ 7 billion
Cost of cybercrime in 2021 as recorded by the FBI
Cybersecurity Is a Team Sport
Why a new landscape of heightened threats requires employee collaboration .
P
ERHAPS UNSURPRISINGLY , it pays to be a cybercriminal these days .
For one , it ’ s a booming industry . Between 2008 and 2021 , the FBI recorded a 207 % increase in cybercrime reports , with losses hitting almost $ 7 billion last year .
Second , it has a low barrier to entry — in fact , it ’ s dirt cheap . The average price of compromised remote access credentials costs around five dollars , easily purchased on the dark web . Cybercriminals use these credentials to sneak their way into victim enterprise networks . In the report
The Evolution of Cybercrime , we found over 75 % of advertisements for malware and 91 % for exploits are listed for under $ 10 . By comparison , purchasing a popular malware kit in 2009 would have set a cybercriminal back $ 8,000 .
Third , it ’ s easier than ever for cybercriminals to work together in an increasingly professional and collaborative underground supply chain . They have carved out niches , offering specialist services such as the leasing of massive botnets to deliver a customer ’ s malware of choice to thousands of victims , or hackers-for-hire who maximize the damage wreaked from ransomware by extending an intrusion to vulnerable points in a network . The sum of these factors means that employees in distributed workforces around the world are more vulnerable than ever . The blurred lines between personal and corporate devices mean remote employees aren ’ t always protected by enterprise defenses , increasing the risk of successful attacks .
The good news is , it ’ s within the power of employees to become the first line of defense — but only with teamwork . If cybercrime is a playing field with ever-changing goalposts , the only way to win is by working together to run the best defense possible .
Anticipating your opponents ’ playbook Cybercriminals abuse our trust in everyday interactions and communications online , especially email , to exploit systems . Through various forms of phishing and social engineering , email is the
most popular way cybercriminals gain unauthorized access to networks . Once inside , they typically try to monetize their access — disabling the organization ’ s backups , stealing sensitive data , and