“Bring people along in a meaningful way, tied to the risks, using the language of the business, and register what the company needs to worry about.” - Stephen Burke
“Each one of us is either a target or a victim of cybercrime. Human error caused 90 percent of cyber data breaches in the UK in 2019, according to the Information Commissioner’s Office – and it’s a similar picture around the globe. The Middle East’s digital markets have been expanding with an annual growth rate of 12 percent and correspondingly the cost of data breaches is increasing at an alarming rate. In August 2020, The National [a Middle East newspaper] reported that the cost of a data breach in Saudi Arabia and the UAE has risen by 9.4 percent over the past year. These incidents cost companies studied in the region US$6.53 million per breach on average, which is higher than the global average of US$3.86 million per breach. The best defense is a good offense. The right systems and controls, timely awareness, the latest techniques, and an experienced professional partner like Crowe can help you and your organization mitigate the risk of cybercrime.”
“With organized crime having entered the picture, cybercrime has become one of the world’s largest illegal economies, reaching US$10.5 trillion annually by 2025 – up from US$3 trillion in 2015. The cost of one single incident is often high enough to make companies go out of business in under six months. With technology and automation, cyber criminals need less skill to threaten companies and look for vulnerabilities to exploit. With new techniques and methods emerging daily, the threat landscape changes constantly. This can make it quite difficult to protect your digital assets and company from cybercrime. I think the cybersecurity paradigm should shift from prevention to a more cycle-based approach. This means that companies should apply the ‘assumption of breach’ principle in which they assume that sooner or later they will be struck by a security breach or incident. What companies should do, besides protecting their digitals assets, is to implement measures related to incident detection, response and recovery in order to be able to act accordingly once an incident takes place. Business leaders should adopt the belief that every company is a lucrative target for cybercriminals and that, by practicing good cyber hygiene, they can drastically reduce the risk of becoming a victim of cybercrime. Cybersecurity is about people, processes and technology. In this way, a company’s attitude to cybersecurity and culture matters most.”
Given that cyberattacks rank first among global human-caused risks, according to the World Economic Forum Global Risks Report 2020, and cybercrime may cost US$11.4 million every minute in 2021, it is clearly business-critical for organizations to shore up their defenses.
“COVID-19 has seen a massive surge in cybercrime,” continues Mr Gee. “It is not a question of if an organization will be attacked but when.” For response to be effective organizations must understand the three following things, he suggests.