The 2017 Global Opportunity Report, released by DNV GL, Sustainia and the United Nations Global Compact, reveals that many companies are not prepared or even understand the cyber risks faced, as only the 37% of the organizations have a cyber incident response plan in place.
Though silent and often invisible, cybercrime is an exploding threat to businesses globally. The internet economy generates USD 2-3 trillion annually, and estimates show that cybercrime extracts 15-20 percent, costing businesses USD 400-500 billion a year. According to leading experts in the field, every business connected to the internet can expect to fall victim to cybercrime and the projected cost to the global economy is expected to reach USD 2 trillion each year by 2019.
While the Internet of Things is making our cities, products, and services increasingly smart, this ease of communication and high level of connectivity also increases the threat of outside entities breaching secured and private systems.
Billions of low cost connected devices will be introduced into our daily lives, few of the them built secure by design and with security as part of the operational support model. In 2014, the U.S. Director of National Intelligence ranked cybercrime as the top national security threat in the U.S. – higher than that of terror (PWC, 2014). And in 2015, IBM’s CEO Ginni Romett described Cybercrime as “the greatest threat to every company in the world” (Morgan, 2016).
According to PwC’s 2016 Global Economic Crime Survey, cybercrime jumped from 4th to 2nd place among the most-reported types of economic crime compared to the year before. Nonetheless, the survey also showed a general lack of preparedness. Only 37 percent of respondents – most of them in the heavily regulated financial services industry – have a fully operational incident response plan. Three in ten have no plan at all, and of these, nearly half don’t think they need one (PWC, 2016).
The cybercrime ecosystem has evolved and organisations specialize in different parts of the value chain. This includes a range from vulnerability research to market places where a variety of stolen assets or illegal services are being offered to their end user in a streamlined manner, organized with support as professional services by a regular corporation.
The severity of the threat has made cyber security professionals some of the most sought after forms of talent on the current market. Locating the right cyber security talent is challenging for business and the public sector, and this hunt for qualified candidates is only becoming more difficult. Government estimates put the total number of available and unfilled cyber security jobs at 210,000 in the U.S. alone. It is estimated to be 10 to 12 times more difficult to find specialized cyber security professionals than it is to find general IT professionals (Cisco, 2015). The demand is so high that cyber security jobs pay an average of USD 15,000 more per year than similar non security IT jobs.
Besides the costs to businesses, cybercrime also poses a great threat to essential infrastructural systems. On a global scale, for example, the cost of cybercrime in the energy sector is USD 12.8 million annually, making it second only to the financial services sector (Hogan Lovells, 2016). In a study by the U.S. Department of Homeland Security, it was found that of the approximately 200 breach incidents handled by the DHS cyber security team, a majority of them aiming the energy sector (The Hill, 2014). The critical manufacturing sector appears as the second most targeted industry, which includes vendors of critical control systems to the energy sector.
Though existing in the digital rather than the physical world, cybercrime has proven to be a very real danger, threatening innovation in businesses and the safety of societal infrastructure. Cybercrime is thriving as companies and governments are struggling to cope the situation as the breaches are getting bigger.
The 2017 Global Opportunity Report suggests the following opportunities for cyber threats:
1.Artificial intelligence (AI) is an opportunity space offering to move institutions, businesses, and individuals two steps ahead of the next cyber attack. In our increasingly connected world, the risk of cyber attacks is on the rise, which means making cyberspace secure is a near impossible task. But by implementing artificial intelligence, it is possible to manage this increasing data stream with adaptive software that learns from every cyber attack
2. Utilising gamification tools, companies can transform employees from cyber security risks into assets. This opportunity space protects businesses and individuals from cyber threats by teaching smarter digital behaviour in an engaging way, and creates a new market for ethical hackers, hired by companies to find weak spots in cyber networks. Not only does this protect users and create a new market, it overcomes the shortage of cyber professionals.
3. Behavioural biometrics analyses specific human behaviour with intelligent software, adding a new layer of security to verifying identification that is nearly impossible to replicate, without any additional stress for the user. Products and services in this market are moving digital security beyond simple passwords and pin codes, ensuring that as cyber criminals become more advanced, so too do everyday users
Source: www.globalopportunitynetwork.org
The post Only 37% of the organizations have cyber incident response plan appeared first on SAFETY4SEA.