Managing Cyber Risk Part One: 5 Insights from the Nowcomm Security Masterclass
By Jane Frankland
Cybersecurity is big business. It impacts industry and individuals alike and does not discriminate. Last year, Verizon reported that 71% of breaches were financially motivated, 25% came from espionage, and 21% were caused by human error. Unsurprisingly, according to Gartner, spending continues to rise and is forecast to reach $133.7 billion by 2022. Furthermore, from 2019–2023E, approximately USD 5.2 trillion in global value will be at risk from cyberattacks.
1. All attacks are not sophisticated.
Hackers don’t reinvent the wheel for every attack they execute. These days, hacking as a service is cheap. It starts at just USD 5 per hour, USD 30 per day, or less. Attacks are automated whenever they can be, and the methods bad actors use are mostly similar, if not the same.
2. Hackers don’t purely target big businesses.
They target low hanging fruit. They follow the money trail. That’s businesses that believe they’ve invested enough in cybersecurity (but haven’t) and/or are overconfident and think they won’t be targeted (but are). Last year, according to Verizon, 43% of cyberattacks targeted small businesses.
3. Hackers are creative, adaptive, resourceful, and business-like.
They make guarantees, offer support contracts, and will find a way into your organisation. That could be through common hacking techniques like phishing, bait and switch, cookie theft, deep fake, password cracking, social engineering, and so on. It could be through your organisation, directly, or through your supply chain. According to Gartner, 60% of organisations are now working with more than 1,000 third-parties. That’s why no matter how big or small your organisation is, it’s really only a matter of time before you’ll be breached, or you discover you already have been. IBM found that the average time to identify a breach in 2019 was 206 days. This doesn’t include the time it then takes to rebuild what was lost.
4. Human error causes many data breaches.
The figures vary with Verizon reporting 21%, IBM reporting 24% and Cybsafe reporting 90% in 2019. Given the remote working and flexible working status globally, the successful cyberattacks into home networks, reaching vulnerable home workers on unsecured devices is on the rise[JF1] .
5. Security intelligence comes with a high pay off.
When Accenture analysed 9 cutting-edge technologies that are helping to reduce cybercrime, and calculated their net savings: the total potential savings minus the required investment in each type of technology or tool, they found the figure amounted to almost USD 2.3 million.
Data is a strategic asset for any business and any hacker, so when it comes to protecting an organisation from cyberattacks and compliance failures, one of the most common problems I see is the ability of leaders to identify the risks they face, as well as evaluating, communicating, and tackling them in a timely fashion.
This was something we discussed in the Nowcomm masterclass with Nowcomm co founders as well as future of work expert, Perry Timms. You can still get access to the recording here.
Read Jane’s Part Two blog to find out the seven insights gained from the Masterclass.
About Jane Frankland
Jane Frankland is an award-winning entrepreneur, best-selling author and keynote speaker. She’s been named as a top 20 global influencer in cybersecurity, a top 100 UK influencer in tech, a LinkedIn Top Voices, a Global Digital Ambassador, and is a world leader on how to attract and retain women in cybersecurity. She’s spent over 22-years in cybersecurity, built and sold her own hacking firm, and directed some of the world’s most well-known security consultancies. Through her career and companies, she’s been actively involved in leading industry accreditations, schemes and forums, judging awards and advising boards. Today, she is an influencer for major brands, an activist for women’s rights and is working to better the world by ensuring women are seen, heard, and better equipped to advance their careers and businesses in male dominated industries.