Sunday, October 25, 2020

What You Need to Know – The Cost of Cyber-Crime to Business


In 2019, it is reported that cyber-crime breaches are up 11% year on year and has increased with over 67% in the last five years, according to a study done by Accenture in their Ninth Annual Cost of Cybercrime Global Study. Some countries are seeing alarmingly high increase numbers, the US, Germany and China leading the cost of the cyber-crime list.

According to the South African Banking Risk Information Centre (SABRIC), South Africa has seen an increase of over 100% in Mobile banking application fraud alone.

Let’s explore what we see from a breach research perspective. According to the Australian Government Initiative Stay safe online, 50% of attacks could be blamed to web-based and insider attacks. This coincides with the IBM annual X-Force Threat Intelligence Index 2018, the company concluded that “inadvertent insiders” accounted for two-thirds of all the records that were comprised.

Our workforce is also one of the largest contributors to damages suffered during attacks as the loss of productivity is mostly understated. According to the Cisco CISO Benchmark Report, user awareness is a critical focus for CISO’s globally.

A Ransomware attack takes place every 14 seconds and this is estimated to increase to 11 seconds in the next two years. But who is the largest target sector? According to three different reports, the small business sector is the main target. According to the Australian government, 60% of targeted attacks struck small and medium businesses.

On average across all the research, more than 50% of attacks are focused on smaller businesses. If we look at other sectors and larger enterprise businesses it is clear the financial sector is mostly affected. According to the Ponamon report published by Accenture, the Financial sector suffers the greatest losses per breach in term of costs.

If we look at the actual cost per breach, the jury is out based on my research. I do however think the industry is at a place where we can roughly quantify what these breaches are costing organisations. If we look at the figures reported by SABRIC the South African Financial sector places that cost of a breach at 1,2 million USD per breach.

The Australian Government reports that according to reported cyber-crime research an attack costs in access of 270 thousand USD. Germany is said to be in the top three in terms of what cyber-crime is costing the country as a whole, reporting 50 billion USD in losses.

These numbers seemed thought-provoking however I like to break things down into something I can understand. Based on all the reports, one of the most prevalent attack vectors is Web-based attacks and all the reports and research teams make a noble attempt to quantify some of these breached in a statistically relevant way.

If we look at web-based attack it is reported that the cost per breach varies between 53 thousand  USD up to 114 thousand USD if we apply a very simplistic average it is 83 thousand USD.

If you take into consideration that 60% of attacks are focused on the small business sector – this figure is alarming. The question beckons if a small or medium business can survive an attack at that cost – not to mention the added risk of regulatory fines.

Even though all of the reports mention how the cost per attack is calculated mentioning business interruption, information loss, revenue loss and equipment damage among other factors. Most attacks target data and if the company is found to not have done what is reasonably expected to protect their data these attacks could be subject to fines by the Data privacy regulators.

If we take this one step further, like in the case of Equifax, the cost of a breach can also increase due to civil procedure or corrective actions required to assist affected data subjects. Equifax was fined £500,000 [$625,000] in the UK for the 2017 breach, which was the maximum fine allowed under the pre-GDPR Data Protection Act.

This however now stands at over 700 million USD if you add the settlement with the Federal Trade Commission, the Consumer Financial Protection Bureau (CFPB), and all 50 U.S. states that claimed damages against Equifax.

The cost of a breach is increasing and the likelihood of breaches is following suit. We elevate focus as the world takes data privacy more serious and we are seeing some large fines by Data Privacy Regulators globally.


Must Read

Julius Baer will withhold millions of francs in bonuses from its former chief executives Boris Collardi and Bernhard Hodler, as a result of a...
Nine current or former Goldman Sachs executives, including CEO David Solomon, will have to pay back hundreds of millions of dollars in compensation over...
Goldman Sachs has agreed to pay nearly $3bn (£2.3bn) in the US to end a probe of its role in Malaysia's 1MDB corruption scandal. The...
Goldman Sachs ignored multiple red flags over the multibillion-dollar fundraisings it arranged for state fund 1Malaysia Development Berhad, Hong Kong’s financial regulator said on...
Lacey Mase, one of the top aides who accused Texas Attorney General Ken Paxton of crimes including bribery and abuse of office, has been fired, she told The...

Latest News

Julius Baer will withhold millions of francs in bonuses from its former chief executives Boris Collardi and Bernhard Hodler, as a result of a...
The CEO of Arbistar the Spanish investment company, Santiago Fuentes, has been arrested and arraigned on charges of fraud, belonging to a criminal organization...
Six people from three states are charged with defrauding $12 million from federal student aid programs by allegedly enrolling students into a theology school...
Pakistan Muslim League-Nawaz (PML-N) chief and Opposition Leader in the National Assembly Shehbaz Sharif was sent to jail on Tuesday in a money laundering...
The former president and CEO of Blue Bell Creameries L.P., a Texas ice cream company, was indicted Tuesday on wire fraud charges in connection with a scheme...

Adblock Detected!

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by whitelisting our website.

Enable Notifications    Ok No thanks