Ten Lessons Learned from “20 Eye-Opening Cybercrime Statistics”

Ten Lessons Learned from “20 Eye-Opening Cybercrime Statistics”

Cyberspace is continuously evolving at a rapid pace. Social media, mobile computing, the Internet of Things (IoT) and ecommerce are all examples of people getting quickly accustomed to an online lifestyle.

However, as technology has changed, so has the spectrum of potential threats. New vulnerabilities are constantly emerging and reshaping the threat environment. With no absolute defense against cybercrimes, cybersecurity has become a very fluid and dynamic field. Despite near-continuous security investment from enterprises, the expertise of attackers and scope of attacks has only widened, as have the rewards bad actors can potentially reap from cybercrimes. This has attracted the attention of a wide variety of perpetrators behind attacks, including state actors.

In order to prepare for this threat-filled environment, we can learn much by reviewing past cybercrime statistics. Bill Laberis provides such insight in his article “20 Eye-Opening Cybercrime Statistics.”[1] In his article, Laberis compiles statistics related to several relevant areas, including data breach cost, struggles of small and midsized organizations, cybersecurity spending and resources, and preparedness and response.

Lessons Learned
Reviewing the statistics Laberis compiled from last year allows us to draw relevant conclusions regarding the cyberspace of today.  These conclusions can help in safeguarding against cybercrimes.

1. As overall reliance on IT is increasing, so is the overall attack surface. As a result, the job of a cyber defender is much more difficult than that of a cyber attacker.
2. Increased reliance on IT also means breaches are coming with bigger costs. While automation is allowing individuals and organizations to earn more money more quickly, that money may be lost even more quickly due to security breaches. Online business is critical for many of today’s enterprises. Any disruption, full or partial, can be a disaster.
3. There is no foolproof security in the cyber world. However, that does not mean users should not use any security. Instead, this is a reminder that one can never be totally relaxed regarding cybersecurity. Cybersecurity is an ongoing battle that demands constant attention.
4. Privacy is always at risk when secret information is part of a network. Risk management has to be factual. Accessible data, even if encrypted, can be compromised. Those wishing to protect their secrets must be both vigilant and equipped with comprehensive response mechanisms.
5. Theft of trade secrets has always been a serious issue, but IT has taken it to a new level. With today’s rapid speed of business, losing trade secrets can cost huge sums.
6. The healthcare and financial sectors are threatened more often than other areas. Anyone working with IT in these sectors must be especially vigilant.
7. Small and medium-sized organizations may be equally threatened by cyber threats as large organizations, even though they may not have the same resources.
8. Weak passwords and poor password management are still common, in spite of past, infamous events. Many end users remain oblivious to happenings in the realm of cybersecurity. As a result, they are often too negligent when casually working in a cyber environment and dealing with the unforgiving threat spectrum. Top management must be made aware of such laxities by employees and must work to address those tendencies.
9. Spending a lot of money on cybersecurity, either directly or through third parties, can be effective, but it may not guarantee security.
10. Breaches are more common than are reported in the news. End users must realize that only the largest events are most often reported.

Conclusion
With his article, Laberis reminds us why it is important to stay aware of the most current cyber threats. Staying abreast with the threat spectrum as it advances with technology is important for fully reaping the benefits of new technologies. A constant watch of ongoing incidents can pay dividends in terms of better safeguards against upcoming hazards.
 
About the Author
Abdul B. Subhani is the founder and President/CEO of Centex Technologies, an IT consulting company with offices in Central Texas, Dallas, and Atlanta. He is also an adjunct faculty member of the Texas A&M University - Central Texas computer information systems department. Abdul is a Certified Ethical Hacker, a Certified Fraud Examiner, Certified in Risk and Information Systems Control, a Texas Licensed Private Investigator, member of FBI Infragard and the recipient of multiple other advanced IT credentials. Abdul has been a frequent keynote speaker, moderator, and panellist at leading international technology conferences, and he has given speeches to thousands of students at colleges and universities.