The Cost of Cybercrime

A new Cybersecurity Ventures report out today shows the cost of cybercrime will almost double to almost $6 trillion (6 with 12 zeros behind it) by 2021.

The report can be found here (my apologies but our linking is not working), so you will just have to click:

Hackerpocalypse Cybercrime Report 2016

Some of the key findings:

  1. Annual cybercrime costs will grow from $3 trillion in 2015 to $6 trillion in 2021.
  2. These costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of financial and personal data, embezzlement, fraud, and costs for getting back to normal business.
  3. Global spending on cybersecurity products and services will increase to $1 trillion.
  4. While the US has declared a national emergency to deal with cyber threats, the rest of the world is still a little behind.
  5. As more products enter the field, the attack surfaces will increase in relation.
  6. Black-Hat hackers motivations include money, espionage, notoriety, and malicious intent.  Additionally, they are faster, more daring and more experienced than White-Hats, who are still limited by boundaries and rules.
  7. The cybersecurity workforce shortage is expected to reach 1.5 million by 2019.  (Visit our discussion on skill retention published earlier)

The report provides a lot of great analysis and helps set the conditions for more discussion within your organization and your community.  Some things to think about from your organization:

  1. What plans do we have in place right now?
  2. How are you protecting our intellectual property?
  3. How are you protecting our critical information?
  4. What amount of your budget deals with security?
  5. What gaps/vulnerabilities exist that you have not had the opportunity to address?  Do you have a plan for remediation?  What is holding you back?
  6. What is your plan for keeping your security talent?

You don’t need to have answers to all of these now, but you should be working towards them.  These types of reports can spur action.  It’s no secret that attacks are only going to get more sophisticated and increase in number.  As security professionals, we need to impress upon our organizations that security needs to be ingrained in all elements of the business, big or small.

And it can start today.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s