In
a blog I posted a couple months ago, I mused about the usefulness of
prognostications when it came to the field of cybersecurity. These sometimes less than educated speculations
are often obvious pieces of data regurgitated from other reports or even
findings from previous years. The one
aspect of this process I find useful however is the financial component. Cybersecurity experts may find fault with
generic threats for the upcoming year however, decision-makers often use these
reports to direct their ever-increasing IT and IS budgets.
A
2014 PricewaterhouseCoopers survey found that 69% of executives expressed “concern
about cyber threats.” This number was
increased to 86% in the 2015 survey (Meola, 2016). What these figures indicate is that
cybersecurity and its associated expenditures are not going away anytime
soon. One of the highlights from Meola’s
article was the following infographic which illustrated the main drivers of
cyber spending.
Meola
also introduced two interesting, albeit very expensive ($495) reports from the
publication, Business Insider. Highlights from The IoT Security Report and
The Cyber Insurance Report include:
BI
*Research
has repeatedly shown that many IoT device manufacturers and service providers
are failing to implement common security measures in their products.
*Hackers
could exploit these new devices to conduct data breaches, corporate or
government espionage, and damage critical infrastructure like electrical grids.
*Investment
in securing IoT devices will increase five-fold over the next five years as
adoption of these devices picks up.
*Traditional
IT security practices like network monitoring and segmentation will become even
more critical as businesses and governments deploy IoT devices.
*Cyber
insurance plans cover a variety of costs related to cyber attacks, including
revenue lost from downtime, notifying customers impacted by a data breach, and
providing identity theft protection for such customers.
*Annual
cyber insurance premiums will more than double over the next four years,
growing from to ~$8 billion in 2020.
*However,
many insurance companies have been hesitant to offer cyber insurance because of
the high frequency of cyber attacks and their steep costs. For example,
Target’s notorious data breach cost the company more than $260 million.
*Insurers
also don’t have enough historical data about cyber attacks to help them fully
understand their risks and exposures.
*There
are large underserved markets with very low cyber insurance adoption rates such
as the manufacturing sector, where less than 5% of businesses have cyber
insurance coverage.
What
the infographic and these two articles demonstrate is that cyber threats, both
perceived and actual, are on the rise. Perhaps
more importantly, the budgets associated with mitigating or transferring the
risk from these vulnerabilities is also on a similar trajectory.
References
Meola,
A. (2016). This one chart explains why cybersecurity is so important. Business Insider. Retrieved from http://www.businessinsider.com/cybersecurity-report-threats-and-opportunities-2016-3
