cybercrime by the numbers | infographic | akamai… · akamai’s portfolio of web and mobile...
TRANSCRIPT
CYBER CRIME BY THE NUMBERS
SCALE
VULNERABILITYExposure is only increasing as business processes evolve to become
more mobile, accessible, and agile.
Malware, ransomware, data breaches, and phishing are top of mind for most companies. As users, devices, applications, and data continue to move outside of the traditional enterprise perimeter and zone of control, attack surfaces will only expand. So, what are the realities of falling prey to a cyber attack?
1. 2017 Ponemon Institute Data Protection Risks & Regulations in the Global Economy Study, http://www.experian.com/assets/data-breach/white-papers/2017-experian-global-risks-and-regulations-study.PDF
2. https://blog.cloudmark.com/2016/01/13/survey-spear-phishing-a-top-security-concern-to-enterprises/ 3. https://www.av-test.org/en/statistics/malware/ 4. http://www.csoonline.com/article/3077434/security/93-of-phishing-emails-are-now-ransomware.html5. Gemalto Breach Level Impact Report,
http://breachlevelindex.com/assets/Breach-Level-Index-Report-H1-2017-Gemalto.pdf6. 2016 Enterprise Phishing Susceptibility and Resiliency Report,
https://phishme.com/2016-enterprise-phishing-susceptibility-report/7. https://www.cyberthreatalliance.org/cta_analysis/cyber-threat-alliance-uncovers-cryptowall-version-4/
8. 2017 Ponemon Institute Cost of a Data Breach Study, http://info.resilientsystems.com/hubfs/IBM_Resilient_Branded_Content/White_Papers/2017_Global_CODB_Report_Final.pdf
9. Infocyte: The Breach Detection Dap and Strategies to Close It, https://www.infocyte.com/breach-detection-gap-conf
10. IDC InfoBrief, Sponsored by Akamai, Remote Access and Security, September 2017
11. Arxan: 2017 Study on Mobile and Internet of Things Application Security, https://www.arxan.com/2017-Ponemon-Mobile-Iot-Study
12. IDC InfoBrief, Sponsored by Akamai, Remote Access and Security, September 2017
13. CBS Money, https://www.cbsnews.com/news/byod-alert-confidential-data-on-personal-devices14. Cybersecurity Ventures: 2016 Cybercrime Report,
http://cybersecurityventures.com/hackerpocalypse-cybercrime-report-201615. https://www.technologyreview.com/s/425770/the-criminal-cloud16. https://heimdalsecurity.com/blog/10-surprising-cyber-security-facts-that-may-affect-your-online-safety17. Ponemon Institute, The Economic Impact of Advanced Persistent Threats
18. MMC Cyber Handbook 2016, http://www.mmc.com/content/dam/mmc-web/Global-Risk-Center/Files/MMC-Cyber-Handbook_2016-web-final.pdf
19. McAfee Net Losses: Estimating the Global Cost of Cybercrime, https://csis-prod.s3.amazonaws.com/s3fs-public/legacy_files/files/attachments/140609_rp_economic_impact_cybercrime_report.pdf
20. SANS Institute: IT Security Spending Trends, https://www.sans.org/reading-room/whitepapers/analyst/security-spending-trends-36697
21. ISACA 2015 Global Cybersecurity Status Report, http://www.isaca.org/cyber/Documents/2015-Global-Cybersecurity-Status-Report-Data-Sheet_mkt_Eng_0115.pdf
22. MMC Cyber Handbook 2016, http://www.mmc.com/content/dam/mmc-web/Global-Risk-Center/Files/MMC-Cyber-Handbook_2016-web-final.pdf
The rate of evolution and volume of complex targeted threats continue to increase.
Despite this, only 38% of global organizations feel prepared for a sophisticated cyber attack, 21 and 25% of companies don’t even treat cyber threats as significant corporate risks. 22
The growing prevalence of mobile, cloud, hybrid WANs, direct Internet access, and IoT is only going to exacerbate this problem.
Existing security point solutions and applications are often reactive, inconsistent, and ineffective.
Companies must pivot from the common security mantra of “trust but verify” to “verify and never trust” in the new threat landscape.
The consequences of not proactively preparing for a targeted attack are enormous.
READ “5 MUST-ASK DNS QUESTIONS” AND VISIT AKAMAI.COM/ETP TO LEARN MORE.
As the world’s largest and most trusted cloud delivery platform, Akamai makes it easier for its customers to provide the best and most secure digital experiences on any device, anytime, anywhere. Akamai’s massively distributed platform is unparalleled in scale with more than 200,000 servers across 130 countries, giving customers superior performance and threat protection. Akamai’s portfolio of web and mobile performance, cloud security, enterprise access, and video delivery solutions are supported by exceptional customer service and 24/7 monitoring. To learn why the top financial institutions, online retail leaders, media and entertainment providers, and government organizations trust Akamai, please visit www.akamai.com, blogs.akamai.com, or @Akamai on Twitter. You can find our global contact information at www.akamai.com/locations. Published 01/18.
51%
93%91%
1.9BILLION
84% 250,000of organizations have had a global data breach in the
past five years. Of these, 56% say they had multiple
breaches.1
The threat landscape is becoming increasingly hostile, and the days of generic threats are over.
of cyber attacks and the resulting data breach begin
with a phishing attack.6
More than 250,000 new malicious programs are
registered every day.3
data records were leaked or stolen during just the first half of 2017, well surpassing a total
of 1.37 billion in all of 2016.5of phishing emails are
related to ransomware.4
CryptoWall version 4, a notorious ransomware virus, has so far resulted in $18 million in damages, 36,000+ confirmed victims, and 7.1 million attempted infections.7
of enterprises have suffered phishing attacks.2
$1.68
68%
$6 TRILLION
$18 MILLION
68%Global cost of cyber crime is predicted to hit $6 trillion
annually by 2021.14
of funds lost as a result of a cyber attack were
declared unrecoverable.16
of corporations have not considered the financial
impact of a cyber attack.18
Most organizations fold their security budgets and spending into another cost center, whether IT (48%), general operations (19%), or compliance (4%), where security budget and cost line items are combined with other related factors. Only 23% track security budgets and costs as its own cost center.20
191 DAYS
IoT
80%MOBILE APPS
71%40.8%
19% >40% Mean time to identify a
data breach is 191 days.8
of companies have 21–40% remote employees. 25.7%
have more than 40% remote employees.12
80% of IoT and 71% of mobile applications are not tested for security vulnerabilities.11
of breaches originate with authorized users accessing
unauthorized systems.10of data breaches are
self-detected.9
COST
The Internet economy annually generates
between $2 trillion and $3 trillion. It’s estimated that cyber crime extracts between 15% and 20%
of that value.19
Average cost of an APT data breach is $18 million;
50% is damage to brand reputation.17
The estimated cost of using existing cloud offerings to break into most Wi-Fi
networks is $1.68. It would take six minutes.15
SUMMARY
SOURCES
SOLUTION
Companies need real-time visibility
into the threats that could impact their
network.
Once a threat is identified, companies need a simple,
fast, and convenient method of mitigating
these attacks.
Companies must adopt a zero trust security model
to be successful in today’s ultra-competitive and
hyper-connected world.
More than 67% of employees use their own devices at work.13
As financial incentives for cyber criminals continue to climb, they will be increasingly patient, targeted, and persistent in their attacks.