Story image

Cybercrime could cost companies US$5.2tril over next five years – survey

21 Jan 2019

Companies globally could incur US$5.2 trillion in additional costs and lost revenue over the next five years due to cyber attacks, as dependency on complex internet-enabled business models outpaces the ability to introduce adequate safeguards that protect critical assets, according to a new report from Accenture.

Based on a survey of more than 1,700 CEOs and other C-suite executives around the globe, the report, Securing the Digital Economy: Reinventing the Internet for Trust, explores the complexities of the internet-related challenges facing business and outlines imperatives for the CEO’s evolving role in technology, business architecture and governance.

The report notes that cybercrime from a wide range of malicious activities poses significant challenges that can threaten business operations, innovation and growth, and the expansion into new products and services, ultimately costing companies trillions of dollars.

The high-tech industry faces the highest risk, with more than US$753 billion hanging in the balance, followed by the life sciences and automotive industries, with US$642 billion and US$505 billion at risk, respectively.

Accenture communications, media, and technology operating group lead Omar Abbosh “Internet security is lagging behind the sophistication of cyber criminals and is leading to an erosion of trust in the digital economy.”

“Strengthening internet security requires decisive — and, at times, unconventional — leadership by CEOs, not just CISOs. To become a cyber-resilient enterprise, companies need to start by bringing CISOs’ expertise to the board, ensuring security is built-in from the initial design stage and that all business managers are held responsible for security and data privacy.”

Among the key findings: Four in five respondents (79%) believe that the advancement of the digital economy will be severely hindered unless there is dramatic improvement to internet security, and more than half (59%) of respondents said the internet is getting increasingly unstable from a cybersecurity standpoint and they are unsure how to react.

At the same time, three-quarters (75%) of respondents believe that addressing cybersecurity challenges will require an organised group effort, as no single organisation can solve the challenge on its own.

With heightened concerns about internet security, more than half (56%) of executives would also welcome stricter business regulations imposed by a central organisation or governing body.

“The internet wasn’t built with today’s level of complexity and connectivity in mind, which is why it takes just one click — whether inside or outside the company walls — to fall prey to a devastating cyber attack,” says Accenture security senior managing director Kelly Bissell.

“No organisation can tackle the challenges posed by cyber threats on its own; it’s a global challenge that needs a global response, and collaboration is key.

“To shape a future that thrives on a strong and trustworthy digital economy, senior executives need to look beyond the bounds of their organisation, team with an ecosystem of partners, and secure their entire value chains — across every partner, supplier and customer.”

The rapid emergence of new technologies is creating additional challenges, as four in five respondents (79%) admit that their organisation is adopting new and emerging technologies faster than they can address related cybersecurity issues, with three-quarters (76%) noting that cybersecurity issues have escaped their control due to new technologies such as the internet of things (IoT) and the industrial internet of things (IIoT).

A majority (80%) also said protecting their companies from weaknesses in third parties is increasingly difficult, which isn’t surprising given the complexity of today’s sprawling internet ecosystems.

Also, consumer data protection is on the minds of many senior executives.

Fuelled by security concerns, 76% of respondents believe that consumers can’t trust the safety of their online identities when too much of their personal data is already available without restrictions.

Safety solutions startup wins ‘radical generosity’ funding
Guardian Angel Security was one of five New Zealand businesses selected by 500 women (SheEO Activators) who contributed $1100 each.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Princeton study wants to know if you have a smart home - or a spy home
The IoT research team at Princeton University wants to know how your IoT devices send and receive data not only to each other, but also to any other third parties that may be involved.
Organisations not testing incident response plans – IBM Security
Failure to test can leave organisations less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.