The cost of cybercrime to the global economy has increased by 50% in the past two years.
In their new report, The Hidden Costs of Cybercrime, McAfee experts say that cybercriminals have caused at least $1 trillion in damage in 2020.
Meanwhile, the number of cyberattacks on businesses continues to grow as technology becomes more and more advanced. The focus of cybercriminals has now shifted to remote work. According to analysts, the vast majority of companies (92%) say that cyberattacks caused them not only financial losses. Unplanned downtime has also increased, and the costs of investigating breaches and disruptions started to rise.
McAfee found that most organizations do not take cyber threats seriously.
That makes companies vulnerable to sophisticated social engineering tactics, as employees are unable to recognize a problem and prevent a cyberattack in its initial stages.
This kind of phishing usually targets the company’s HR or finance department. The cybercriminal pretends to be an employee and thus obtains the necessary information. In a recent case, the cybercriminals accessed the CEO’s account and sent several emails to the accounting department, asking for money transfers. The accountant thought the requests were legal and transferred more than $10 million to the criminals.
Experts say that the majority (56%) of organizations have no plan for preventing and responding to cyber incidents. And of the 951 organizations that actually had a response plan, only 32 percent said it was effective. McAfee believes there are several tactics that can help to increase cyber resistance:
- Apply basic cybersecurity rules within the company;
- Increase the transparency of organizations‘ operations;
- Standardize and coordinate cybersecurity compliance;
- Conduct cybersecurity awareness training for employees;
- Develop plans to prevent and respond to cyber incidents.
Cybercrime causes more than just intellectual property and money theft. 92% of businesses surveyed believe there are other negative consequences to their business besides financial costs and lost work hours. What else harms organizations?
- System downtime. The average loss to organizations from downtime in 2019 was more than $762,000. Among survey respondents, 33% said information security incidents resulting in system downtime cost them between $100,000 and $500,000.
- Reduced efficiency. As a result of downtime, organizations lost an average of nine working hours per week, which of course resulted in reduced efficiency. The average downtime was 18 hours.
- Response costs. It took most organizations an average of 19 hours to go from detecting an incident to fixing it. Not everyone was able to solve problems with internal resources alone. Many companies resorted to external consultants in an emergency, which came at a cost.
- Damage to the brand and reputation. Restoring the brand image, working with consultants, and hiring new employees to prevent future incidents – all these costs a lot but is vital to renew the company after a cyber incident.