Cyberattacks have become commonplace. Businesses and organizations of all sizes and industries are targets of increased attacks from hackers.
Cyberattacks can cripple a company through the loss of data, proprietary information, and access to systems. Businesses face considerable costs due to these attacks, which can cripple and bankrupt companies.
A sound cybersecurity policy allows your business to remain protected from cyberattacks. Yet too many companies remain lax when it comes to cyberdefense.
Here are 9 facts about cybersecurity that will shock you.
1. The Costs of Data Breaches Are Staggering
According to the Cost of a Data Breach Report 2021, produced by the Ponemon Institute and IBM, there are significant consequences to a data breach. Here are some of the key findings:
- The average cost of a data breach increased by 10 percent year over year to $4.24 million per breach, the most significant increase in seven years
- The increase in remote work due to COVID-19 contributed to the average total cost
- Lost business was the largest portion of the average total cost, totaling $1.59 million
- System complexity and compliance issues were the top reasons for the increased average total cost
- Healthcare organizations faced the costliest consequences of data breaches for the 11th year in a row
- Hackers stole customer personally identifiable information (PII) more than any other type of information. Attackers stole PII in 44 percent of data breaches
- Hackers used compromised credentials most often as the initial attack vector. The method accounted for 20 percent of data breaches
- A zero-trust approach, security artificial intelligence and automation all helped reduce the average cost of a breach
2. Global Costs of Cybercrime Are in the Trillions
Cybersecurity Ventures reported that the worldwide costs of cybercrime will reach $10.5 trillion annually by 2025. That represents a fivefold increase from the $3 trillion in cybercrime costs in 2015.
The projection includes the following costs:
- Data damage and destruction
- Stolen money
- Productivity losses
- Intellectual-property theft
- Theft of financial and personal data
- Post-cyberattack business disruptions
- Deletion of hacked data and systems
- Reputational harm
3. Windows 7 Machines Pose a Cybersecurity Risk
In January 2020, Microsoft stopped supporting and updating Windows 7 operating systems. However, a year later, at least 100 million computers were still running Windows 7.
How is this a cybersecurity issue?
Millions of computers use an operating system that lacks the latest cyberdefenses. For example, these computers carry increased risk without automated updates to anti-malware and anti-spam tools. They are much more susceptible to successful attacks as hackers exploit vulnerabilities.
4. Certain Industries at Increased Risk
In NTT’s 2021 Global Threat Intelligence Report, researchers indicated that finance, healthcare, and manufacturing industries represent 62 percent of all cyberattacks.
Remote work has dramatically shaped the cybersecurity landscape. The COVID-19 pandemic changed the way businesses approached cybersecurity. Nearly five in six organizations in the NTT study reported rethinking their IT security plans to reflect more remote work.
More than half (54 percent) of reporting organizations indicated they would not return to pre-pandemic approaches to IT security.
5. Attackers Have Adapted with New Threats
Sole actors and groups alike are rethinking their approaches to cyberattacks. The NTT report indicates the pandemic drove creative new criminal strategies to access data and systems. The new attack vectors include:
- Distributing keyloggers, spyware and other malware types
- Targeting education and health care institutions involved in COVID-19 treatment
- Sharing malicious Microsoft Word, PDF and RTF documents
At companies like Welsh Consulting one of the best cybersecurity companies, cybersecurity prevention is at the core. IT assessments can identify potential vulnerabilities and recommend changes and enhancements. Welsh Consulting uses threat detection and anti-malware services to identify and block attacks before damage occurs.
6. Security Attacks on the Rise Broadly and for each Organization
Accenture reports in its 2021 State of Cybersecurity Resilience study that attacks are up by multiple measures. The Accenture survey of 4,744 respondents showed successful cyberattacks increased 32 percent in 2021 over 2020 figures. Ransomware attacks increased at an even higher rate.
As alarming is the volume of attacks on average per company. The study showed that the average number of attacks per company increased 31 percent to 270 compared to 206 in 2020. There were 29 successful attacks per company, compared to 20 successful attacks in 2020.
More than four out of five executives (81 percent) indicated that “staying ahead of attackers is a constant battle and the cost is unsustainable,” up from 69 percent in 2020. Yet nearly an identical number (78 percent) of executives indicated they were unsure how or when a cybersecurity issue would affect their organizations, up from 69 percent just a year earlier.
7. Cryptojacking a Growing Threat
Cryptojacking, the unauthorized use of system resources to mine cryptocurrency, is rising. CrowdStrike reported that the volume of cryptojacking disruptions quadrupled in 2021. The Institute for Application Security report indicated that a quarter of all Alexa sites host the malware mining script.
8. Phishing Most Common Attack Vector
In Verizon’s 2021 Data Breach Investigations Report, phishing is the top action involved in breaches, accounting for nearly 40 percent of all incidents. The second and third specifically identified actions were using stolen credit cards and ransomware attacks.
The Verizon report indicated that the actions most frequently attempted to use credentials (61 percent) to execute an attack. Personal information (50 percent) and medical information (10 percent) were the two next-most-frequent items targeted in attack attempts.
9. Education Still a Powerful Deterrent
Raising awareness of cybersecurity threats is an ongoing challenge for companies. However, education is a powerful deterrent. The Verizon study, for example, indicated that 85 percent of data breaches had a human element.
Cybersecurity awareness helps employees understand how cyberattacks work and how to identify fraudulent emails and texts. Programs that reinforce the need for security, simulate phishing attempts and guard against sharing credentials can prevent successful attacks.
Cyberattacks can cripple your business. However, with proven security measures provided by a managed services provider, your business can stay safe.