Research from Juniper Research, suggests that the rapid digitisation of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally in 2019, increasing to almost four times the estimated cost of breaches in 2015.
The research, entitled ‘The Future of Cybercrime & Security: Financial and Corporate Threats & Mitigation’, found that the majority of these breaches will come from existing IT and network infrastructure. While new threats targeting mobile devices and the IoT (Internet of Things) are being reported at an increasing rate, the number of infected devices is minimal in comparison to more traditional computing devices.
The report also highlights the increasing professionalism of cybercrime, with the emergence of cybercrime products (i.e. sale of malware creation software) over the years, as well as the decline in casual activist hacks. Hacktivism has become more successful and less prolific – in future, Juniper expects fewer attacks overall, but more successful ones.
According to the report the average cost of a data breach in 2020 will exceed $150 million by 2020, as more business infrastructure gets connected.
Cyber threat landscape
FAnews spoke to Junaid Amra, Associate Director, PwC Forensic Services about the cyber risk landscape.
According to Amra the cyber threat landscape is a rapidly evolving space. “A key factor in this regard is the dependency and high adoption rate of technology across industries and in our personal lives.”
“Based on our Global Economic Crime Survey conducted in 2016 we found that 32% of South African organisations who participated in our survey had been victims of cybercrime. Also based on the type of investigations we are seeing at the moment it is apparent that all industries are being affected by cybercrime – it is not only confined to the financial services sector,” continued Amra.
“In terms of losses at a global level as per our Global Economic Crime Survey, 3% of respondents that were victims of cybercrime had experienced financial losses greater than $100 million. Again, a sobering statistic is that 14% of respondents don’t know or were unable to quantify their financial losses even though they had been victims of cybercrime,” said Amra.
Legislation and the sea of data
When asked what the implications are of outsourcing data processing to cloud providers and the growing use of personal devices to conduct business Amra said, “There’s pro’s and con’s to both these areas. However, the key point is that organisations need to weigh these factors in their context, considering the criticality of the information being stored on these platforms, the implications if issues are experienced, compliance with privacy legislation across territories they operate and how these risks will be managed.”
When asked how legislation and regulation should apply to the seas of data that constitute the heart of the new digital economy Amra said, “We are seeing countries already adopting various legislations in an attempt to regulate this space. Globally privacy legislation is in place in a number of countries, the South African equivalent of this is the Protection of Personal Information Act (PoPI). This will go some way in driving the manner in which technology is deployed where personal information is involved even though the Act is much wider than this. One of the key aspects of this is that organisations will need to disclose to the Regulator in the event of a breach where personal information was potentially compromised. In addition, the Cybercrimes and Cybersecurity Bill will strengthen law enforcement agencies’ capabilities to prosecute in cybercrime matters.”
Reducing cyber vulnerability
In reducing cyber vulnerability Amra said at an organisational level some basic elements which need to be considered are:
Editor’s Thoughts:
Unfortunately, cybercrime, like any other crime, is here to stay. The risk landscape for businesses is substantially changing. Don’t wait for law enforcement to come knocking at your door. Even though it is not possible to mitigate risks, they can be managed with the right strategies in place. Please comment below, interact with us on Twitter at @fanews_online or email me your thoughts myra@fanews.co.za.
Comment on this post