Keystrokes and login behaviour could protect your online identity

It's one of a series of innovations being developed by European businesses who are keen to claim their share of a growing cybersecurity market.

Czech-based cybersecurity firm ThreatMark has been developing advanced fraud-detection systems to protect digital transactions using machine learning and tailored algorithms to spot advanced threats and unusual behaviour.

It collects information from our computer and mobile phone to learn typical behaviour based on the devices we use, such as login times and locations, keystroke dynamics and movement characteristics. It also analyses where on the screen we usually click on the login buttons, how we interact when providing input and how we typically behave within our applications.

‘Combining this information with other data, perhaps your heart rate from a smart watch, for example, and location data for your other devices, it could be possible in the near future to authenticate you even without using a password,’ said the firm's chief executive Michal Tresner.

Integrating this approach with ThreatMark’s complex fraud prevention and detection software can expose anomalies in real time, triggering firewalls or rapidly blocking suspicious users or transactions.

The company has several patents in the works and its monitoring system has won interest from several European banks, with more expected to sign up this year.

Growing market

The threat from cybercriminals shows no sign of abating, opening up opportunities for European companies to develop new tools to fight against threats – and win a greater share of one of the fastest growing markets in the IT sector. Analysts predict that global spending in cybersecurity will be well over EUR 100 billion a year by 2021.

According to a 2016 report by the European Cybersecurity Industry Leaders (ECIL), the EU is the most trusted area in the world when it comes to data security and privacy, giving the region a competitive advantage.

But success is not a given. The cybersecurity industry in Europe, which currently accounts for about a quarter of the global market, is growing by around 6 % a year compared to growth of 8 % for the market as a whole.

One of the aims of the European Cyber Security Organisation (ECSO) – the association implementing a cybersecurity public-private partnership set up by the EU in 2016 – is to create connections between industry players, national public authorities and users of cybersecurity solutions to identify priorities and increase collaboration in research and innovation.

That connection – particularly between providers and end-users – is crucial if Europe is to grow the industry and take its right place in the market, says Tresner. He sees scope for business-to-business platforms or events to introduce small- and medium-sized firms like ThreatMark to potential clients.

‘The possibility to match customers with the supplier is the most important thing we see for boosting the industry,’ Tresner said. ‘This is even more valuable than money.’ 

“

‘Technical experts in cybersecurity are very hard to come by.’

Dr Volker Scheidemann of German cybersecurity company Applied Security (apsec), says the industry must also encourage the use of cybersecurity tools as an integral part of computer systems. While most banks, big companies and public authorities are aware of the need for cybersecurity, many other businesses do not give it priority.

‘It should be like a car safety belt – an essential part of a modern vehicle, rather than an add-on,’ he said.

EU funding has helped apsec and its Swedish partners, foreseeti, to develop a security system called CyberWiz, where users set up a model IT network and carry out various kinds of simulated attacks. That gives a picture of the whole network, exposes weak points and can trace knock-on effects.

Sustained attack

CyberWiz also estimates how long the network can withstand a sustained attack without being critically damaged.

It is especially useful for analysing complex arrangements such as critical infrastructure and has already been used for this by municipal authorities in Aschaffenburg, Germany.

Scheidemann said he believes such tools will become standard in the next few years.

‘This brings a new, engineering-type approach to IT security,’ he said, adding: ‘The days of trying to analyse such complex systems manually is over.’

In a fast-changing industry, making sure people have the right skills for employment in the cybersecurity industry is also key to market growth.

Robert Gupta, chief executive of Secon Cyber Security, UK, says this is especially important in the small- and medium-sized sector.

‘In general, there is a lack of the right skills and when you are recruiting, technical experts in cybersecurity are very hard to come by,’ he said.

Secon’s ConnectProtect project, supported by EU funding, showed how a remote incident-response platform could help small- and medium-sized businesses to combat attacks and security threats – at a more reasonable cost.

‘Many large businesses are able to take care of their own IT security, or can afford to outsource these tasks to the big providers, but the cost is often beyond the budget of smaller or medium-sized firms,’ Gupta said.

Through such a system and economies of scale for cybersecurity software licences, he sees the total cost of security coming down dramatically for small businesses – perhaps by as much as 75 % per member of staff.

‘The system can also provide an incident response remotely, so the customer will have minimal notification. Perhaps if there is an attack it will be fixed before the customer is even aware of it,’ Gupta said.

If you liked this article, please consider sharing it on social media.