Businesses fail to prepare as cybercrime surges globally
Cybercrime is now the second most reported economic crime and has affected at least a third of organizations in the past 24 months, yet many businesses are still underprepared, a PWC report has found.
According to the Global Economic Crime Survey, cybercrime has jumped from being the 4th to 2nd most reported kind of economic crime, behind only asset misappropriation. Meanwhile, the losses associated with cybercrime are huge and growing, but an alarming number of businesses don’t have a plan in place.
The report finds that only 37% of organizations have a cyber incident response plan, despite the fact that 61% of CEOs said they were concerned about cybersecurity. This backs up the findings from last week’s RSA Conference report, which found just one in seven security chiefs report directly to their CEO, despite rising concern within their businesses.
Around 50 respondents to the PWC survey said they had lost in excess of $5 million, while a third of these said the figure was greater than $100 million. According to the Wall Street Journal, the percentage of companies reporting losses of more than $1 million as a result of cybercrime attacks doubled since 2014.
Despite the rise in the number of businesses affected by cybercrime, however, the increased number may still be smaller than the true figure.
“The insidious nature of this threat is such that of the 56% who say they are not victims, many have likely been compromised without knowing it,” says the report. “A concerning trend we have observed is that of hackers managing to remain on organizations’ networks for extended periods of time without being detected.”
This is represented in the worrying number of survey respondents that didn’t know whether they’d been affected by cybercrime or not– some 18% of the total sample.
The imbalance between rising threats and corporate unreadiness is a concern for global businesses. As the PWC report concludes, a company’s ability to handle a cyber crisis can not only be a marker of competitive advantage, but, ultimately, survival.
Source | WeLiveSecurity