Global business leaders are growing increasingly concerned that the global drive towards digitalisation, driven by the COVID-19 pandemic, has brought with it a cybercrime wave.
The World Economic Forum has published its Global Cybersecurity Outlook 2022 which found ransomware attacks rose 151% in 2021. There were on average 270 cyberattacks per organization during 2021, a 31% increase on 2020, with each successful cyber breach costing a company $3.6m. After a breach becomes public, the average share price of the hacked company underperforms the NASDAQ by -3% even six months after the event.
The report added 80% of cyber leaders now consider ransomware a “danger” and “threat” to public safety and there is a large perception gap between business executives who think their companies are secure and security leaders who disagree.
Some 92% of business executives surveyed agreed that cyber resilience is integrated into enterprise risk-management strategies, only 55% of cyber leaders surveyed agree. This gap between leaders can leave firms vulnerable to attacks as a direct result of incongruous security priorities and policies.
“Companies must now embrace cyber resilience – not only defending against cyberattacks but also preparing for swift and timely incident response and recovery when an attack does occur,” said Jeremy Jurgens, Managing Director at the World Economic Forum.
The WEF said even after a threat is detected, its survey which was held in collaboration with Accenture, found nearly two-thirds of businesses would find it challenging to respond to a cybersecurity incident due to the shortage of skills within their team.
“Perhaps even more troubling is the growing trend that companies need 280 days on average to identify and respond to a cyberattack,” it added. “To put this into perspective, an incident which occurs on 1 January may not be fully contained until 8 October.”
“Organisations need to work more closely with ecosystem partners and other third parties to make cybersecurity part of an organisation’s ecosystem DNA, so they can be resilient and promote customer trust,” said Julie Sweet, chair and CEO, Accenture. “This report underscores key challenges leaders face – collaborating with ecosystem partners and retaining and recruiting talent. We are proud to work with the World Economic Forum on this important topic because cybersecurity impacts every organization at all levels.”
Fewer than one-fifth of cyber leaders feel confident their organisations are cyber resilient.
The study found they don’t feel consulted on business decisions, and they struggle to gain the support of decision-makers in prioritising cyber risks – 7 in 10 see cyber resilience featuring prominently in corporate risk management
Recruiting and retaining the right talent is their greatest concern – 6 in 10 think it would be challenging to respond to a cybersecurity incident because they lack the skills within their team
Nearly 9 in 10 see SMEs as the weakest link in the supply chain – 40% of respondents have been negatively affected by a supply chain cybersecurity incident
“We are at a crossroads, a point at which cyber resilience has become the defining mandate of our time – beyond foundational security controls – to anticipate future threats, withstand, recover from cyberattacks, and adapt to likely future digital shocks,” said Algirde Pipikaite, cybersecurity strategy lead, World Economic Forum.