Cybersecurity is becoming more and more expensive

Why do companies need to pay more money for the security of their information today, but still cannot fully guarantee that it is safe?

What do statistics say?

According to the statistics published by Gartner, global security spending will hit $96 Billion by the end of 2018, which is 8% more than it was in 2017 and will be 35% by 2020. This is due to the arrival of new regulations (like GDPR), development of online business strategy and sophistication of hacker tools and abilities. Today, as Gartner claims, more than 53% of companies state data breaches as their number one risk. We decided to sort out all the reasons, associated with cybersecurity spending rise in detail.

Advanced hackers

One of the reasons associated with the increase of cost of cybersecurity is significantly sophisticated hacking specialists. Almost any company has the information stored online on its website and if a hacker steals this information, they receive keys to everything, even very sensitive data of the company’ clients (credit card numbers, address, full names, etc.) There are plenty of examples of well-planned and expensive attacks organised against very famous companies. Such as, one of the world biggest cybersecurity consultants Deloitte suffered from the data breach. This breach involved stealing of some confidential information about Deloitte clients, like private emails. The company has identified and confirmed the compromise in 2017 but admits the attack might have happened much earlier — in 2016 — says Guardian.

Easily available tools

Besides well-trained and highly skilled hacking specialists who pose a serious cyber threat to companies, the amount of information and the variety of tools and software available on the internet even for free make a developing risk of casing a cyber-attack from less hacking savvy people.

Regulations

The introduction of regulations, like the GDPR (General Data Protection Regulation, that induces companies to take cybersecurity more seriously and review their cybersecurity policies or face great fines) or PSD2 (Revised Directive on Payment Services that aims to protect people’s information when they make online purchases). European Union established these regulations for companies to guarantee better protection of their clients’ information. Their requirements involve the implementation of tech and management measures and strategies to protect private information, review online security policies, identify and report breaches and use only innovative web and mobile payment options. This, obviously, takes more time, effort and money.

Today the number of days and the cost of cyber-attack depending on its type appears as follows:

Web-based attacks — 22.4 days / £1.52 million;

Malicious insiders — 50 days / £960 thousand;

Phishing — 20 days / £960 thousand;

Stolen devices — 14.6 days / £700 thousand;

Botnets — 2.5 days / £260 thousand;

Denial-of-service attacks — 16.8 days / £1.52 million;

Malware — 6.4 days / £1.57 million.

source