Cyber crime to cost businesses trillions

Sibahle Malinga
By Sibahle Malinga, ITWeb senior news journalist.
Johannesburg, 26 Apr 2017
Global cyber security spend will reach nearly $135 billion in 2022.
Global cyber security spend will reach nearly $135 billion in 2022.

Over the next five years, data breaches will have cost global business a total of $8 trillion in fines, lost business and remediation costs.

This is according to the Juniper Research report, "The Future of Cybercrime & Security: Enterprise Threats & Mitigation 2017-2022", which found that while organisations' spend on cyber security is increasing, it is not keeping pace with threats posed by data breaches.

"Global cyber security spend will reach nearly $135 billion in 2022, up from an estimated $93 billion this year," reveals the research.

"Businesses are now faced with a plethora of different cyber security solutions to choose from, many of which don't integrate well with each other and require a high level of expertise and manpower to manage. This means that threats can be missed, and small businesses, which are more likely to be targeted by cyber criminals, are the least able to effectively manage their security."

Meanwhile, a Kaspersky Lab report, "Measuring the Financial Impact of IT Security on Businesses", found a single cyber security incident now costs large businesses around $861 000 on average, while small and medium businesses (SMBs) end up paying an average of $86 500 per incident.

Riaan Badenhorst, MD of Kaspersky Lab Africa, says the average IT security budget will cover only 2.5 cyber attacks once all direct and indirect losses are taken into account.

"With thousands of threats attacking the corporate world every day, efficient cyber security definitely pays off. Businesses understand the threat clearly; 59% of SMBs and 62% of enterprises say they will improve their security regardless of an ability to measure return. This is something that cannot be remedied via budget increases. It requires talent, intelligence and an agile attitude towards protecting one's business," explains Badenhorst.

Other research, the "Global Economic Crime Survey 2016" conducted by PWC, revealed nearly a third (32%) of South African organisations have experienced cyber crime, and the number is growing rapidly.

To deal with this increasing complexity, Juniper Research says several cyber security firms, like Cylance, Darktrace, Fortscale and Patternex, are using machine learning to monitor network and program behaviours, detecting and eliminating many anomalies without involving a cyber security professional. This can address the capability gap that SMBs face when considering cyber security.

"AI [artificial intelligence] provides a solution for the cyber security market's talent gap, performing similar roles to cyber security analysts," says James Moar, research author, Juniper Research. "However, in order to succeed, these new approaches must also bring simplicity and interoperability to end-users, in what is a very fragmented market."