Published on the 01/06/2017 | Written by Newsdesk
Nearly 3 billion customer data records expected to be stolen in 2017 alone…
Get your wallets ready, because cybercrime is set to cost businesses not billions, but trillions of dollars. That’s by the calculations of Juniper Research, which, in a new report, said criminal data breaches will rack up total losses of US$8 trillion over the next 5 years. That’s owing, the researcher said, to higher levels of internet connectivity and inadequate enterprise wide security.
The new research, ‘The Future of Cybercrime & Security: Enterprise Threats & Mitigation 2017-2022’, forecasts that the number of personal data records stolen by cybercriminals will reach 2.8 billion in 2017, almost doubling to 5 billion in 2020, despite new cybersecurity solutions emerging.
It highlights cybersecurity problems becoming particularly acute when businesses integrate new and old systems without regard to overall network security.
While the recent WannaCry ransomware attack got the infosec industry worked up into a proper froth, it also demonstrated the veracity of Juniper’s observation. In an epic LinkedIn rant, Arthur Weiss, Risk Partner, Digital and Innovation at National Australia Bank, had this to say:
“OK, I’ve finally had enough of the security vendor feeding frenzy on the back of the WannaCry (and now EternalRocks) malware…an email that I received this morning telling me that a vendor’s advanced User Behavioural Analytics (UBA) would prevent ‘this type of zero day attack’. People, it’s a patched vulnerability for a deprecated protocol (SMB v1), not a zero day. If you aren’t confident of the patch levels of your systems and believe that a vendor can help you with this, go for it. For everyone else, if you focus on patching, system hardening and firewall configuration, you will prevent these types of attacks far more effectively than by deploying the latest ‘acronym of the month’ security tools.”
Confirming that this was indeed a rant, Weiss finished: “Rant over.”
Little surprise then that, with this level of frustration from the top end of town, that small business is resisting the fervourous advice. Juniper found that SMEs, which in any economy typically comprise by far the greatest number of businesses, are particularly at risk from cyberattacks, spending less than US$4,000 on cybersecurity measures this year (although we note ‘spend’ is a poor measure of effectiveness).
Only marginal increases in security spend are expected over the next 5 years. These firms also tend to run older software, which Juniper noted, WannaCry and other recent cyberattacks have exploited.
The research highlights a need for companies to put more money into cybersecurity and system upkeep, which, it says, should be treated as a vital element of workplace safety.
And here comes the fear factor, generally peddled by the infosec industry but this time courtesy of research author James Moar: “The attacks on hospital infrastructure show that inadequate cybersecurity can now cost lives as well as money,” he remarked. “Businesses of all sizes need to find the time and budget to upgrade and secure their systems, or lose the ability to perform their jobs safely, or at all.”
The whitepaper, Cybercrime & the Internet of Threats 2017, is available to download.
