Skip to main content

CYBERCRIME IS THE WORLD’S GREATEST THREAT

Former IBM executive chairman and CEO Ginni Rometty, who established a 6,000-member Security Business Unit at IBM in 2015 to combat cybercrime, described data as a transformative competitive advantage for the 21st century. Rometty emphasized that cybercrime is, and should be recognized as, the greatest threat facing industries and organizations worldwide. According to Cybersecurity Ventures, global data storage is expected to reach 200 zettabytes by 2025 – a staggering total equivalent to one trillion gigabytes. This vast amount of data carries tremendous value, making it an ever-appealing target for cybercriminals. A key factor driving the surge in cybercrime is the reduced need for advanced technical expertise to carry out attacks. For instance, malware can be easily purchased on the dark web, alongside illegal services offering Ransomware-as-a-Service (RaaS). These RaaS kits often include features like quality assurance, helpdesk support, and even money-back guarantees, making cyberattacks more accessible than ever before.

THE ECONOMIC COST OF CYBERCRIME

The World Economic Forum highlights that cybercrime has escalated to become the world’s third-largest economy, surpassed only by the United States and China. Cybercrime now generates more revenue than the combined totals of global illegal drug trafficking, counterfeiting, and human trafficking. In 2023, cybercrime cost the world $8 trillion, with estimates suggesting it could grow to $10.5 trillion by 2025. To illustrate the scale, Microsoft, the world’s largest software company and one of the wealthiest organizations, reported an annual revenue of approximately $200 billion in 2022. Cybercriminals, by comparison, operate within an ecosystem worth more than 50 times that amount. The financial toll of cybercrime extends beyond staggering revenues for criminals; it inflicts significant losses on businesses and economies. For example, the 2017 WannaCry ransomware attack devastated global industries, including healthcare and technology, affecting over 200,000 computers across more than 100 countries. In just four days, it caused an estimated $8 billion in damages. The economic consequences of cybercrime are particularly severe in certain regions. A study by the Centre for Strategic and International Studies (CSIS) and McAfee found that Europe suffers the most, with losses equivalent to 0.84% of its regional GDP. North America also faces substantial losses, with cybercrime impacting 0.78% of its GDP.

THE COLLATERAL COST OF CYBERCRIME

The FBI characterizes cybercrime as a multifaceted global issue involving not only criminals but also nation-states aiming to breach networks, disrupt critical infrastructure, and steal financial assets or intellectual property. Among these concerns, economic espionage stands out as a critical threat. Sponsored by foreign powers, it targets sensitive technologies and data to manipulate economic policies or gain strategic advantages in finance and trade.

Estimating the true cost of cybercrime is challenging due to its vast scope, varying definitions, and inconsistent measurement methodologies. Costs span a wide array of impacts, including:

  • Damaged intellectual property (IP) and confidential business data
  • Stolen personally identifiable information (PII)
  • Bank account and financial data theft
  • Financial manipulation and insider trading
  • Loss of trust and reputation
  • Operational disruptions
  • Ransom payments
  • Corporate smear campaigns and disinformation via social media
  • Political interference
  • Costs of post-attack recovery

CYBERCRIME EXACERBATING FACTORS

Reporting discrepancies across countries and sectors exacerbate the challenge. For instance, only 13% of cybercrimes are reported in the UK, partly due to organizations’ reluctance to disclose breaches for fear of reputational damage or customer trust erosion. Compounding this, many companies remain unaware of breaches for extended periods, delaying acknowledgement and reporting. Another overlooked cost is the economic ripple effect of cybercrime. Lost sales and diminished consumer confidence directly impact businesses and economies. For example, consumers may avoid shopping on platforms perceived as insecure, reflecting how public sentiment towards cyber threats influences broader economic performance. To understand the total economic cost of cybercrime, these direct and indirect losses must be integrated into any assessment.

CYBERCRIME AND CYBERSECURITY SPENDING

To combat increasingly frequent and sophisticated cyberattacks, adaptable strategies capable of addressing emerging threats are essential. The integration of artificial intelligence (AI) into cybersecurity is a key development in this effort. According to International Data Corporation (IDC), AI in cybersecurity is growing at an annual rate of nearly 25%, with the market expected to surpass $45 billion by 2027. Gartner predicts that by 2025, the rise of AI-powered fraud will compel organizations to prioritize cybersecurity training and enhance information security awareness among employees. This focus will be critical as AI tools evolve to assist not only defenders but also cybercriminals in executing more complex attacks. Future investments are also likely to increase in threat intelligence, encompassing both offensive and defensive measures. Proactively anticipating, mitigating, and preventing attacks through a deeper understanding of cybercriminal behaviour will become vital to safeguarding information systems, especially as attackers exploit cutting-edge technologies to breach defences. The principle of prevention over remediation remains paramount in addressing data breaches. Preventing breaches is far less costly and disruptive than repairing compromised systems. Remediation often incurs substantial financial and operational costs, including downtime, lawsuits, regulatory penalties, and long-term reputational damage. Therefore, robust preventive measures remain the cornerstone of an effective cybersecurity strategy.

PROTECTING THE ECONOMY FROM CYBER THREATS

Future economic threats are likely to emerge from the convergence of terrorism, political activism, and organized crime, with adversaries increasingly collaborating and leveraging advanced technologies. To counter these risks, organizations must adopt comprehensive cybersecurity practices, invest in skilled personnel, and implement robust policies, systems, and procedures. Key strategies include:

THREAT INTELLIGENCE

Organizations need proactive cybersecurity measures to identify and address threats before they escalate. Using threat intelligence, leaders like CISOs can predict and prevent attacks, which is more cost-effective than remediation. Ethical hacking (offensive cybersecurity) allows businesses to find and fix vulnerabilities pre-emptively.

KNOWLEDGE SHARING AND COLLABORATION

The interconnected nature of IoT and supply chains means vulnerabilities are shared across networks. Organizations should exchange information on emerging threats and report breaches, even without legal mandates. Global government collaboration, such as the FBI’s takedown of Silk Road 2.0, highlights the value of unified action against cybercrime. Standardized international cybersecurity regulations could further strengthen supply chain defences.

AI AND MACHINE LEARNING

AI and ML enhance cybersecurity through:

  • Continuous Monitoring: AI systems provide 24/7/365 monitoring and handle multiple threats simultaneously.
  • Real-Time Response: AI detects and mitigates threats quickly, matching the speed of AI-powered cyberattacks.

CYBERSECURITY TRAINING AND AWARENESS

Human error, especially via phishing and social engineering, remains a top vulnerability. Organizations must:

  • Train employees on recognizing threats like phishing and maintaining strong passwords.
  • Implement multi-factor authentication and regular updates.
  • Develop incident response, disaster recovery, and business continuity plans.

By focusing on prevention, knowledge-sharing, and advanced technologies, businesses can stay ahead of evolving cyber threats while minimizing economic and operational risks.

SECURING SMEs

When considering the global economy, it’s easy to assume cybercrime primarily impacts major corporations. However, businesses of all sizes contribute to the economy, and small to medium-sized enterprises (SMEs) are equally, if not more, vulnerable to cyberattacks. While smaller firms handle less data than large enterprises, they typically have weaker cybersecurity defences. Additionally, their connections with larger business partners can make them an attractive target for cybercriminals, serving as a potential entry point to compromise entire supply chains.

SUPPLY CHAIN RISK MANAGEMENT

Organizations enhance their security by protecting their attack surfaces, including those of their third- and fourth-party partners. Supply chain risk management aims to identify, mitigate, and address vulnerabilities within these interconnected networks. Firms heavily reliant on digital supply chains, such as those using third-party apps, cloud storage, or other cloud-based services, must assess both digital and physical supply chain risks to safeguard their infrastructure. Collaboration with suppliers and vendors fosters a mutual awareness of cybersecurity risks, helping to close gaps in security controls and reduce vulnerabilities across the entire cyber ecosystem.

PROTECT IT BETTER

As London’s #1 end-to-end business Cybersecurity & IT Support for SMEs, Zhero has what it takes to protect your data and network – always and forever. Our Protect IT Better offering has been carefully crafted and developed to proactively nurture and build a sustainable cybersecurity environment giving your business a competitive advantage. We’ve incorporated the most advanced technology-as-a-service innovations and created Protect IT Better. Protect IT Better follows a holistic approach that ensures you are always protected against modern-day cyberattacks. Reach out to us today and we’ll show you how to do it.

Leave a Reply