What’s the cost of Cybercrime across different Industries?
Visualizing its financial impact across the board
Keeping your personal information safe from online predators should be your topmost priority. The issue has been highlighted countless times with high profile data breaches which have seen a sharp upswing in the last decade. It is an issue that affects everyone across the board — be it an ordinary internet user, a mega-corporation or a government entity.
Data breaches have already soared 54% in 2019 — with more than 3800 attacks hitting organizations, according to a report published by Risk-based Security — a data breach & risk rating agency. It points to the extreme risk of placing sensitive data in the hands of third-party vendors as the main cause. Not only are such incidents on the rise, but the cost to the organizations who are targets of such malicious attacks is mounting as well.
We are going to delve into a little more detail with today’s infographic from Raconteur. The data for the visualization is based on the Ninth Annual Cost of Cybercrime Study by Accenture. Perhaps the most alarming statistic that has emerged from these reports is the fact that 2019 has seen a further uptick in the losses resulting from these attacks.
Accenture has determined that the accelerated pace of direct and indirect cyber attacks (2019–2023) is going to put 77% value at risk from direct attacks, while the remaining 23% value at risk from indirect attacks (infographic below). Most of these attacks resulted in losses worth millions of dollars apart from resulting information breaches & business disruption.
Across the Board Losses
As said before, no single organization or industry has been spared from the growing cost of cybercrime. The report notes that organizations have seen security breaches grow by 67% in the past five years. Taking a look at the different industries, it is evident that the average cost to the banking sector is the largest with $18.4 million growing 11% from the previous year.
Most of the industries posted double-digit increases in the average cost of cyberattacks with the exception of the Energy sector, which only showed a gain of 4% from 2017. Healthcare was the only outlier where the average cost of cyberattacks actually dropped by 8%. Life Sciences sector saw the biggest increase in the average cost recording a gain of 86% from the previous year. The rest of the industries are outlined below with the average cyberattack cost in 2018 followed by the % change from 2017.
Banking ($18.4M+11%), Utilities ($17.8M+18%), Software ($16M+11%), Automative ( $15.8M+47%), Insurance ($15.8M+22%), High tech ($14.7M+14%), Capital markets ($13.9M+32%), Energy ($13.8M+4%, U.S Federal ($13.7M+32%), Consumer goods ($11.9M+47%), Healthcare ($11.8M-8%), Retail ($11.4M+26%), Life sciences ($10.9M+86%), Media ($9.2M+22%), Travel ($8.2M+77%), Public sector ($7.9M+20%).
Average Cost for the type of Attack
Year over year, cyberattacks by various means are on the rise as well. The attacks were categorized as the following going from the highest average cost to the lowest. The average cost increased with double-digit percentage gains for most categories, with Malware being the most expensive one ($1.4 million average cost) & Ransomware cost increasing the most by 21%. Phishing posted the smallest increase at 8%.
Malware was the most common type of attack with the botnets being the least popular form of malicious activity.
Savings with the use of Cybersecurity Technology
The third chart outlines the use of different technologies to avoid losses, how many companies use a certain technology & how much they can expect to save from it. Companies can save the highest amount of $2.26 million by using security intelligence & threat sharing, with 67% of companies employing this strategy.
Automated policy management was the least used by companies with 27%, however, the savings would only amount to $0.1 million. Cyber analytics & automation (AI etc.) were used by 32% & 38% respectively, despite having a significant impact on the savings of $1.7 million & $2.1 million.
Ballooning Cybercrime costs around the Globe
The average annual cost of cyberattacks varied significantly around the world. The United States was at the top of the table with an average annual cost of $27.4 million followed by Japan at $13.6 million & Germany at $13.1 billion.
Bigger European & U.S firms are the prime target
And finally, the last chart portrays the size of the companies targeted by online attackers in the West. As was the case with all the other metrics, 2018 saw a big jump in the number of cyberattacks as compared to the previous year. Seems like bigger companies (250–999 employees) & megacorporations (1000+ employees) are the prime target for cyber attackers. The rule is simple… larger the company, bigger the bounty.
The infographic concludes by providing an interesting statistic — in 60% of the cases, cybercrime itself costs less than or the same amount as the investigation following the incident. Only 29% of the time fraud costs more than the investigation.
This raises the important question that is more important to tackle the threat upfront rather than waiting for it to happen before putting in the protective measures. According to the same report, $5.2 trillion in global value will be at risk from cyberattacks between 2019–2023. The threat of cybercrime is a real one and it is getting bigger with time.