Posted on August 8, 2017 by morganr
Cybercrime on Track to Reach $8 Trillion by 2020
August 8, 2017
Cybercrime is in no way slowing down. Research is showing that personal record loss is on track to surpass $2.8 billion by the end of 2017. That number jumps to $5 billion by 2020. Criminal data breach activity is expected to reach $8 trillion – with a “t” – within the next five years. What are contributing to these numbers? It may be a lack of investment in cybersecurity protections; or a shortage of cybersecurity professionals available to put those protections in place; or more commonly, a lack of serious cybersecurity education for employees and consumers. Most likely it is a mixed bag of reasons that makes it difficult to find a single reason.
Juniper Research released numbers spelling out this information. The most affected by these losses are indeed small to medium sized businesses. Likely, they are targeted more and the cyberthieves are successful more often, because they spend less money on cybersecurity than larger organizations. Another contributing factor is the likelihood that they stick with outdated systems and technology longer, leaving themselves more vulnerable to attacks that take advantage of unsupported, and therefore unpatched systems and software.
In 2016, 34% of companies were willing to admit that they had been victims of a data breach. Shockingly, Bitdefender found that 2/3 of the companies they surveyed said they would be willing to pay up to $124,000 on average to hide the fact that they had experienced one.
Unfortunately, there seems to be a shortage of cybersecurity professionals to help thwart threats such as these. In 2014, there were nearly 50,000 open cybersecurity positions that required the industry’s certified information systems security professional (CISSP) certification. At that time, there were only 65,362 professionals that had this designation. Many, if not most of them were already employed. These numbers don’t even factor in the number of open slots not requiring this or any other cybersecurity certification. According to the certifying organization (ISC)2, as of April 2017, there were still only 75,312 CISSPs in the United States. It’s quite a conundrum.
Research in 2015 by Grant Thornton revealed that over $315 billion was lost by businesses during that year, due to cybersecurity incidents.
The truth is, while these designations are valuable and certainly bring extra expertise to the job, it doesn’t take a CISSP to put into place some basic security practices and products to help lower your risks of a cyberattack.
Install perimeter protections such as a firewall, intrusion detection, and VPN servers and ensure they are properly configured.
Keep all operating systems, software, and firmware updated and the latest patches applied.
Ensure all systems on the network have anti-malware installed and that it is kept up-to-date.
Require remote workers to use a VPN to connect into the network on all devices they may use to do that.
Finally, one of the most important steps any organization can take: Educate and train all personnel who connect to the network on how to identify phishing email messages and what to do should they accidently fall victim to one. After all, no matter how many tools and people are deployed to prevent cyberattacks, it only takes one person to open one malicious attachment to infiltrate your organization.