Over the past few years, the cyber threat landscape has expanded dramatically, causing a great deal of concern for governments and businesses both large and small. For private companies that hold proprietary corporate data and customer information, a breach or a cyber-attack of any kind can lead to devastating and long-lasting consequences, such as financial losses, reputational damage, operational disruption, or fines and regulatory sanctions.
Cybercrime is on the rise, and so are costs. In fact, experts estimate that global cybercrime costs will grow by 15% per year over the next five years, reaching $10.5 trillion annually by 2025, with organizations paying an average of $25 per minute due to cyber security breaches. Cybercrime costs include a number of factors, such as data damage; theft of money, intellectual property, and personal and financial data; fraud; post-attack disruption of business operations; forensic investigation; restoration of compromised systems and many more.
In 2022, data breaches have been more costly for organizations than ever before, with data breach costs rising 13% from 2020 to 2022. The global average cost of a data breach in 2022 is estimated to be $4.35 million, higher by $0.11 million than last year’s figure and the highest to date. The overall average cost of a data breach is now $15.01 million.
One of the key requirements of an effective cybersecurity strategy is to ensure that an organization’s systems and software are kept up to date, but a recent study has shown that many companies are relying on outdated, legacy backup and recovery infrastructure to manage and protect their data. According to the survey, 46% of respondents said that their organization relies on primary backup and recovery infrastructure that was designed in, or before, 2010, and around 100 respondents revealed that their organization uses backup and recovery infrastructure that was built in the last century.
Furthermore, recent research has found that a large number of organizations expose sensitive and insecure protocols to the public internet. In particular, 64% of those surveyed revealed that their organization has at least one device exposing SSH, while 36% of organizations had at least one device exposed via the insecure file transfer protocol (FTP), and 41% had at least one device exposing LDAP (Lightweight Directory Access Protocol). In addition, 12% of organizations still have at least one device exposing Telnet to the public internet. Such oversight significantly increases the risk of remote cyber-attacks.
As for the most common entry points for cyber intrusions, cloud servers now top the list, with 41% of companies reporting them as the first point of entry, a 10% increase from 2021. Business email compromise occupies second place, with 40% of businesses naming it as the main entry point for attackers, followed by corporate-owned servers (37% of respondents), remote access servers (31%), employee-owned mobile devices (29%, up 6% from the year before) and distributed denial of service (DDoS) attacks (26%).
In total, 48% of organizations reported a cyber-attack in the last 12 months, a 43% rise from 2021. Even with 60% higher cybersecurity spending, cyber-attacks increased by 5% compared to the year before. The median cost of an attack has risen 29% to just under $17,000. The survey has also revealed that 64% of organizations now have cyber insurance as a standalone policy or as part of another policy, up from 58% two years ago.
Cybercrime has become an easily accessible and highly commoditized industry. Newcomers without significant technical skills, and without spending much time on preparation, may now launch large-scale phishing campaigns by renting spam servers and buying stolen email databases and ready-to-use phishing kits. The overall efficiency of such an approach is far from high; however, given the volume, thousands of careless users become victims of hackers.
As the use of artificial intelligence technologies grows and becomes more widespread, AI is making its way into cybersecurity, improving automated detection and response to attacks, network efficiency, and vulnerability detection.
A study shows that 53% of enterprises use AI tools to scale security and lessen costs via automation, while only 11% do not leverage AI and do not intend to do so. According to a recent report, the global enterprise artificial intelligence market size is predicted to reach $155.2 billion by 2030.
Ransomware continues to be the primary threat to large and medium businesses (including government, healthcare and other critical organizations), with global ransomware damages predicted to exceed $30 billion by 2023. During H1 2022, there were a total of 236.1 million ransomware attacks worldwide. It should be noted, however, that overall the number of ransomware attacks decreased significantly between the second and fourth quarters of 2021, going from nearly 189 million cases to 133 million. According to statistics, 19% of companies suffered a ransomware attack, up from 16%, and two-thirds of the companies paid the ransom.
Of course, there are measures that organizations can implement to reduce costs and minimize their security breach risks, for example, using artificial intelligence technologies and automated tools. A study showed that breaches at organizations leveraging AI and automation tools cost $3.05 million less than at organizations that do not use such tools, and that companies that have an incident response (IR) team and regularly test their IR plan saved on average $2.66 million.
Furthermore, organizations that have implemented a zero-trust architecture have an average of $1 million less in breach costs, and the use of extended detection and response (XDR) technologies saved an average of 29 days in breach response time. It is also important to perform web and mobile application security testing regularly to detect weaknesses in an organization’s apps before malicious actors can exploit them.
While the cost of cybersecurity may be a stumbling block for many organizations, especially small businesses, they can implement security measures at different levels depending on their budget. For example, they can use standard cybersecurity frameworks, invest in cost-effective cybersecurity tools, conduct regular cybersecurity training, and implement an incident response plan that will help minimize losses and manage the aftermath of a cybersecurity incident.