What is the Cybercrime Atlas?

In this post, I delve into an initiative making waves in the cybersecurity arena – the Cybercrime Atlas.

The Cybercrime Atlas is an initiative launched by the World Economic Forum (WEF) to better understand and combat cybercrime globally. It collects data about cybercriminal activities, creating a valuable database for law enforcement agencies. By mapping the cybercriminal ecosystem, it aims to disrupt cyber-criminal networks.

In February 2023, the World Economic Forum officially launched the Cybercrime Atlas. It was announced already in 2022, and this year it solidified into the official launch.

The secretariat for the Cybercrime Atlas initiative will be hosted by the World Economic Forum for the next 2-3 years, with the support of Fortinet, Microsoft, PayPal and Santander, until it is sufficiently established to become an independent platform.
- World Economic Forum news article (Published January 2023)

I often champion cybersecurity, cloud security, risk, compliance and governance. This post aims to shed some light on the initiative, my reflections, and why this initiative matters.

Article audience

If you're an executive, IT decision maker, security decision maker, CIO, CISO, or work in another role with risk management, security programs, cybersecurity, threat intelligence, or, for example, regulatory compliance initiatives, you might find this insightful.

That said, the scope isn't limited to any given role or industry. Remember, security is a shared responsibility, and we all need to pull our weight.

Mapping the cybercriminal ecosystem

I recently read the 2023 Microsoft Digital Defense Report, where Microsoft talks about how the Cybersecurity Atlas helps map the threat landscape around cybercrime.

Everyone should have a vested interest in this. Here are some of my thoughts about the Cybersecurity Atlas, and how I hope it will change the fight against cybercrime in the near-term and long-term.

Globally collecting cybercrime intelligence

The Cybercrime Atlas is meant to significantly enhance how we, collectively, gather, analyze, and share cybercrime intelligence.

Historically, cybercrime intelligence was a mix of fragmented research efforts with limited stakeholder cooperation - private industries, public companies, governments, law enforcement units, and more.

The Cybercrime Atlas aims to address this by centralizing collaboration and research, overcoming the hurdles of jurisdictional and organizational barriers.

I'm hopeful that this is a step in the right direction to showcase the power of unified efforts in navigating the complex landscape of cybercrime. Because, as we know, the threats never sleep, and are becoming increasingly more sophisticated.

Data utilization

Cybercriminals generate a plethora of data through their global infrastructures, yet translating this data into actionable insights has been a challenge.

One goal with the Cybercrime Atlas is to centralize knowledge and promote a collaborative approach to gather vetted intelligence from various sectors. It's about maximizing the value of available data, enhancing our understanding and ability to disrupt cybercriminal networks.

Standardized research

The initiative aims to establish a standardized and scalable model for open-source intelligence research, optimizing data collection and ensuring thorough vetting by industry experts. This approach not only enhances intelligence gathering but also facilitates deeper analysis to identify connections between cybercriminal entities.

Hopefully this scalable model will set a foundation for sustainable cybercrime intelligence efforts that can adapt to the evolving threat landscape.

Criminal disruption

A key goal of the Cybercrime Atlas is to disrupt cybercriminal activities.

Disruption can happen by facilitating actionable intelligence for law enforcement and the private sector. This includes providing evidence-based recommendations for policy and regulation changes, offering a forward-thinking approach to dismantling criminal infrastructures and leading to arrests.

In other words, global collaboration and having a real-world impact in the fight against cybercrime becomes more tangible.

Closing thoughts

With initiatives like the Cybercrime Atlas, global efforts to make the world a safer place take a huge leap forward. I'm following the developments of the work in these areas with great interest.

I'm hopeful that with these collaborative efforts we'll see:

1. More advancements in cybercrime disruption worldwide.
2. A new security culture, fostering partnerships, collaboration, and information sharing across sectors, actors, and countries.
3. Further innovation in defense tactics and capabilities as an outcome of the collective learnings from all the data insights.

If you've got a vested interest in cybersecurity, you might want to check out this post:

Frameworks to strategically improve your cybersecurity

Learn about popular cybersecurity frameworks like NIST Cybersecurity Framework (CSF), CISAs Cross-Sector Cybersecurity Performance Goals (CPG), MITRE ATT&CK and D3FEND, Microsoft Cloud Adoption Framework’s Secure methodology, and Microsoft’s CISO Workshop Training.

Tobias Zimmergren on TechTobias Zimmergren

Here are some additional interesting reading points if you're keen on exploring more.

• Frameworks to strategically improve your cybersecurity (Tobias Zimmergren)
• Microsoft Digital Defense Report 2023 (Microsoft)
  • I highly encourage you to download the Executive Summary report.
  • However, if you want to dive into the Cybercrime Atlas work from Microsoft, you need to download the full report.
• How to disrupt cybercrime networks (World Economic Forum)
• Partnership against Cybercrime (World Economic Forum)