Approximately 868,000 new malwares each day take an average of only 82 seconds to claim their first victim.
dubai - Increasing number of devices and reliance on technologies make firms vulnerable to attacks
Growing cyberattacks have become a matter of concern for corporates as it caused widespread disruption and losses in productivity and growth. Experts urge extra caution to avert cyberattacks in the wake of an increasing number of gadgets that might reach the 20 billion mark by 2020 from an estimated 7 billion today.
The annual cost of cybersecurity, which currently stands at $600 billion, is a matter of concern for businesses across the globe. Approximately 868,000 new malwares each day take an average of only 82 seconds to claim their first victim. Cybercriminals mostly attack large companies since they are lucrative victims given the multiple attack vectors.
Nick Lazaridis, HP president for Europe, Middle East and Africa, said cybercrime is growing and everything is "scary" in today's connected world.
"We live in a hyper-connected world where $445 billion [in 2015] is lost to cybercrimes annually. Over 160 large data breaches happened in 2016. We should understand that cybersecurity must be a disruptive force to challenge these problems," Lazaridis told Khaleej Times.
"There are at least 400 million PCs that more than four years old in offices around the world that are vulnerable in multiple ways," he said.
Michael Calce, a Canadian IT security consultant who launched denial-of-service attacks in early 2000s at the age of 15 to shutdown Yahoo, CNN, Amazon, eBay and Dell websites, said each data breach is estimated to cost $10 million on average. Effective security systems and precautionary measures should be in place to minimise the chances of cyberattacks on financial institutions, banks and big institutions, said Calce.
Hot zone for cyberattacks
The GCC in general and the UAE in particular has become a hot zone for cyberattacks due to the acceleration of Internet and mobile penetration and relatively high average net worth among residents. Symantec's latest 'Internet Security Threat' report indicates that the UAE was heavily targeted for ransomware last year and 30 per cent of ransomware victims in the country are willing to pay ransom compared to 34 per cent globally.
"Ransomware is very common," Calce said, adding that large multinationals have to spend more on research and development to counter cybercrimes.
A recent IDG report said IT professionals in the UAE plan to invest 38 per cent of their resources on cybersecurity alone over the next 12 months.
According to IDC, maintaining cybersecurity continues to be the number one challenge facing the region's CIOs, with information security spend across the Middle East, Turkey and Africa set to reach a record high of $2 billion in 2017. The Middle East's cybersecurity market size is set to grow from $11.38 billion in 2017 to $22.14 billion by 2022, at a CAGR of 14.2 per cent, as forecast by Markets and Markets.
Experts further said data privacy is a growing concern as young professionals work more frequently in public settings. Visits to airports, coffee shops, conference rooms and hotel lobbies are just a few examples of locations that pose daily data privacy obstacles for the mobile worker.
Tarek Abbas, systems engineering director - emerging markets, Palo Alto Networks, said the Middle East has been seeing an increase in the number and severity of cyberattacks and data breaches due to the growing dependency on technologies such as cloud and IoT.
"Against the backdrop of increasingly sophisticated cyberthreats and headlines about breaches, it's time to evolve conventional thinking about cybersecurity that assumes breaches are inevitable and focus too much on detection and incident response, which is too little too late," he said.
Abbas said UAE companies need to adopt a prevention-oriented mindset to keep critical assets safe and ensure that trust in the digital world remains intact. "UAE businesses should take advantage of automated sharing of threat intelligence to enhance prevention and minimise the spread of attacks," he said.
The UAE, which ranked 26th globally for ransomware attacks by Symentec, is only behind Saudi Arabia (20th) in the Middle East and Africa region. Symantec also found that one in 136 mails in the UAE contained a malicious link or attachment. Large enterprises (more than 2,501 employees) in the UAE received the most e-mails containing malware and phishing while small enterprises with less than 250 workers received the most spam.
"A recent report by Kaspersky Lab on measuring the financial impact of IT security on businesses found that on average, a single cybersecurity incident costs large businesses $861,000, while SMBs end up paying $86,500," said Amir Kanaan, general manager at Kaspersky Lab in the Middle East.
Most alarmingly, he said the cost of recovery significantly increases depending on the time of discovery. SMBs tend to pay 44 per cent more to recover from an attack discovered a week or more after the initial breach, compared to attacks spotted within one day.
Furthermore, enterprises pay a 27 per cent premium in the same circumstances. Overall, businesses expect to hike IT security budgets at least 14 per cent over the next three years due to the increased complexity of IT infrastructure, he said.
"We believe successful security strategies for businesses lie in a more balanced approach to allocating resources - not just spending on compliance, but also investing more in protection from advanced targeted attacks, paying more attention to employee security awareness and getting better insights on industry-specific threats," Kanaan concluded.
- muzaffarrizvi@khaleejtimes.com