The number of cyberattacks worldwide is growing at a dizzying pace. The latest to come to mind is Bad Rabbit, but there have been many others. This number goes hand in hand with the growing economic impact of cybercrime, as underlined by the recent report of Accenture and Ponemon Institute “2017 Cost of Cybercrime”.
The number of security breaches increased by 27%
Since the beginning of this study, in 2009, the number of cyberattacks has grown year by year. But the pace from 2016 to 2017 has been dramatic: on average, companies were successfully attacked 130 times on average. One of the main reasons for this high number was undoubtedly WannaCry and NotPetya.
The economic consequences of these and other security breaches, and the investment required to combat them, have meant an average cost for companies in excess of 11.7 million dollars.
Time is money
The study notes something that may seem quite obvious: the longer it takes to find a solution, the greater the economic impact of cybercrime. And the bad news is that, in general terms, that time interval is increasing. Although security officers have been able to respond more aggressively to DDoS and web-based attacks (twenty-two and sixteen days respectively), they increasingly need more time to implement mitigating measures for cyberattacks that use malware (fifty-five days vs. forty-nine as of 2016). Malicious software attacks, in particular, were the most costly for companies, reaching 2.4 million dollars.
Five keys to increasing the level of security in your company
The negative effects of a cyberattack can vary widely: data theft, reputation crises, economic losses, irreparable damage to equipment and technical infrastructure, etc. So it is important to take into account a series of measures to increase your company’s level of protection and minimize the impact of cybercrime.
- Prioritize critical assets: It is unrealistic to think that the company can be one-hundred percent protected. An effective security plan is able to identify which assets are fundamental to the operation of the company and strengthen their defenses.
- Build awareness with your employees: The protection of the company depends, to a certain extent, on their decisions. Properly your company’s workforce reduces, for example, the risk of suffering a social engineering attack.
- Implement advanced cybersecurity solutions: These tools allow you to anticipate the malicious behavior of threats and to activate protection systems even before the malware is executed. For example, thanks to the continuous monitoring of all processes and the advanced prevention, detection and remediation capabilities of Panda Adaptive Defense, none of the clients equipped with our solution was affected by Bad Rabbit.
- Make backups: Your company doesn’t only need backup copies; the data contained in these backups is critical and, therefore, must be protected correctly. Among other measures, these backup copies should only be accessed by those who expressly need it and access passwords should be sufficiently robust.
- Have a coordinated security strategy: On numerous occasions, cybercrime is a form of organized crime. The defense must also be coordinated and highly organized.
The number of security incidents and the economic impact of cybercrime will continue their upward trend. It’s time to start thinking of cybersecurity as an investment, and not an expense.