Cyberattacks are on the rise. As per a World Economic Forum report, cybersecurity breaches cost over $300bn to companies worldwide. As per global information technology leader Accenture, the average number of successful cybersecurity breaches to affect companies have increased 22% to over 130 per year. That makes a case enough to have a robust cybersecurity system for your organization. But is it really worth it?
What is Cybersecurity?
As per International Telecommunications Union, cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets
Any organization’s biggest asset is its database - the information of its clients, the policies, agreements, business sheets, financial and transactional details. Spammers and hackers attack various touchpoints of corporate organizations - websites, social presence, emails etc. - in order to find a way into sensitive information, thereby undermining internet security. As recently as last month, 10 years of sensitive data from more 100 manufacturing companies including Chrysler, Ford, GM, Tesla, Toyota, and Volkswagen was exposed due to a cyber spam, which included assembly line schematics, factory floor plans, robotic configurations, ID badge request forms, VPN access request forms, and ironically enough, non-disclosure agreements.
The Cybersecurity Skills Shortage
Remember the hack at the famous dating website: Ashley Madison? Or the Sony Pictures Hack where the media giant’s official emails and personal information about the firm’s employees was leaked to the public?
Not that these huge companies could not afford to have an expert on their payroll. It’s just that finding professionals with necessary skills and considerable experience is a needle in a haystack exercise. As per the PwC 21st Global Survey, cyber threats have been cited as the number four reason that “extremely concerns CEOs around the world”, equal as geopolitical uncertainty and terrorism. As per current estimates by Cybersecurity Ventures – a leading company in this sector, there are nearly 350,000 open cyber security positions in the US alone. Globally, this skill shortfall is predicted to reach 3.5mn by 2021.
In order to shield your organization from cyber threats, you need a good team that is skilled and keeps itself abreast of all the latest malware and scams that could potentially be devastating to the company’s data.
The cost of implementing cybersecurity
More often than not, organizations tend to ditch their effort of getting adequate arrangements in place due to the unclear and, often, unjustifiable costs of getting them. This is more prevalent among small and medium businesses (SMB). This makes such businesses more vulnerable to spammers as they are aware of the fact that corrective measures are even more costly than having such a system in place to start with.
For you to make sense of the ownership cost of putting a system in place, we have zeroed in on these 3 key things to consider:
- Frequency of Alerts: Assess how many alerts your organization receives on an average (weekly/monthly). The global average for such threats is 44 per day for small and medium businesses. If your frequency is too high, or even near the average mark, it is time to invest in better measures.
- False positive rate/Error: Check what percentage of these results are erroneous. Often, these alerts are regarding malicious attacks even when there are none. Check if the percentage is too high. If it is, time to reconsider another system.
- Average time to respond/investigate an alert: Once a ticket is opened regarding a suspected attack, what is the average time taken by the IT team to track the source and identify the threat? Is it on par with industry standards? If it is not, time to contact security experts.
Cybersecurity and Canada
Canada, thankfully, understands the gravity of the situation and has responded well to address the skill shortage. The sector already contributes $1.7B to Canada’s GDP and is the reason for over 11,000 jobs. A paper released by the Public Safety Minister last month cited 71% of overall data breaches in Canada involving small and medium businesses, as SMEs were not adequately protected against cybersecurity threats. All this point towards cybersecurity marching towards one of the most in-demand technology jobs in Canada.
If you are an SME who values its data, schedule a security audit of your online presence. Assess it against the three benchmarks outlined above and in case you find your current security measure not up to the point, consider it time to bring in a cybersecurity expert.