top of page

Episode #

18

Europol's Philipp Amann on Building Better Methods of Information Sharing to More Effectively Combat Cybercrime



Show Notes

In this week's episode of the Future of Cyber Risk podcast, David speaks to Philipp Amann, Head of Strategy, European Cybercrime Centre at Europol. They discuss the need for collaboration between industry and law enforcement to help combat cybercrime, and how to go about fostering trust and information exchange in more effective and sustainable ways. They also talk about the major risks to organizations today, like legacy systems, ransomware, and AI, and how to better manage complexity to reduce cyber risk.


Topics discussed:

  • Philipp's broad background in intelligence and cybersecurity, from starting in the military and moving to governance roles in cybercrime, to his current role at Europol.

  • The need for collaboration to combat cybercrime, and how it requires resources, trust, common ground, incentives, and sustainable approaches.

  • How understanding cybercrime requires knowledge across a variety of areas, especially to articulate cybercrime issues to non-technical audiences.

  • The challenges to information sharing across alliances with different limitations and legislations to consider, and the need to address those challenges to reach common goals.

  • Why one of the biggest risks to organizations today is legacy systems that may still be infected with older vulnerabilities, and why security teams need to focus on both zero-day and 1000-day vulnerabilities.

  • The ways in which criminals are already beginning to exploit AI and use it to impersonate CEOs, write better code, or create more convincing spam emails.

  • The rise in the crime-as-a-service model, which could include rogue cryptocurrency exchanges, criminal VPN services, or other malicious businesses.

Quotes from Episode

#1.)

"A lot of the potential evidence, the relevant information is held by industry, where the infrastructure that is being abused by criminals is controlled by industry. They may have specific knowledge, skills, and expertise, so there is an implicit need to work together to be effective and efficient." (18:55)


#2.)

"It's all about putting in the resources, creating that trust environment. ... Trying to find the common ground, the common incentives. Why do we work together? If industry shares information with law enforcement, what are they getting in return? What is the impact of that?" (19:58)


#3.)

"Once you have a success, once you see sharing that piece of information with that party actually had an impact, it really made a difference. I think that may help to slowly build up that trust to foster the exchange of information." (29:47)


#4.)

"Complexity is certainly one of the huge challenges that everybody faces. Legacy systems combined with state-of-the-art new technology. The Internet of Things. Shadow IT. ... Your attack might not come through a typical endpoint, which could be a laptop, but it might be some thermostat that is connected to the Internet." (36:48)


#5.)

"There are still thousands or hundreds of thousands of machines out there that have that vulnerability. ... There are still a very large number of infected machines out there with something that's now considered to be old. And that's certainly a risk." (37:55)

bottom of page