Cyber theft is the fastest-growing crime in the United States, yet despite elevated concerns, many businesses are still not prepared. According to Ernst & Young’s 19th Global Information Security Survey 2016-17, only 22 percent of 1,735 global executives, information security managers and IT leaders surveyed fully consider information security in their strategy and planning.
Cybersecurity Ventures predicts that cybercrime damages will cost the world $6 trillion by 2021, up from $3 trillion in 2015. The hyper-connected and data driven business landscape creates an attractive target for hackers to infiltrate. Connected devices, cloud computing, Big Data, mobile technologies and remote working practices are digital trends open to being exploited by hackers who are becoming smarter and more sophisticated.
“In the rapidly evolving business landscape, it’s not a matter of if a business will be targeted,but when," said Tony Trama, Director of Security Solutions at Micro Strategies. Business leaders need to be well versed in both the opportunities and threats of the new digital business landscape. Technology has changed our lives - we can access emails from our phone, we can work remotely on the cloud from home - all of which have been enabled by technology, which continues to pervade every aspect of our daily lives. Bearing this in mind, it makes it increasingly important for businesses to protect systems, networks and data from threats.
But despite concerns around the frequency of attacks, many US businesses are not taking measures to protect sensitive data such as personally identifiable information (PII), intellectual property, or trade secrets, leaving them compromised. According to EY’s survey, 89 percent fail to evaluate the financial impact of every data breach and 49 percent had no idea what financial damage it caused. Global ransomware damage costs are predicted to exceed $5 billion in 2017, which has significantly increased from $325 million in 2015.
“Prevention is better than the cure, so business leaders need to ensure they optimize their security programs to manage risk rather than simply focusing on compliance," Trama said. "They need to realize there are no magic bullets when it comes to protecting against advanced threats, that they need to identify and protect their critical assets, and of course, that they’ll need to up their game when it comes to protecting cloud and mobile. Good governance and practices should be in place to detect and respond to issues in advanceto minimize the reputational and financial impact of these incidents. Businesses and governments are still reeling fromrecently publicized attacks, proving that having a robust security program and an educated workforce are key to minimizing the threat surface”.