Mitigating Losses From A Trillion Dollar Cybercrime Industry

Cybercrime comes with a hefty price tag. The losses associated with cyber and ransomware attacks in 2016 were estimated at US $1 billion, a figure in itself 600% higher than in 2015, but still significantly lower than 2017, when such high profile attacks as Wannacry, Petya and Jigsaw cost global businesses, organisations and governments more than $4 billion. By 2021, it is estimated cybercrime damages will cost the global economy $6 trillion annually, with the CAGR estimated to reach as high as 15%. To put that figure into context, global pharma is projected to reach values of $1.12 trillion by 2022.

The figures alone should have been enough to already spur any business leader into action– this is nothing new or unknown. But we still continue to rely on old systems and poor security infrastructure which put data, reputation and business operations at risk. Human error nearly always plays a part in serious breaches. We still aren’t addressing these issues, and yet the threat continues to evolve.

As IoT devices enter mainstream business, adoption is largely ahead of the development of necessary security measures: vulnerable systems can be activated remotely to send webcam and audio streams, payment data and even a map of your home, to cyber criminals.

Old and new, Saudi Arabia is no stranger to the threats. In 2012, the Shamoon virus, wiped vast amounts of computers from leading Saudi entities, replacing emails and documents with inappropriate content.

Former U.S. Defence Secretary Leon Panetta said the attack was “probably the most destructive cyber attack on a private business”. Two further versions of the virus have since emerged.

Such developments deliver a clear message– cyber security is now business security. No longer satisfied with data theft, extortion and vandalism, attackers are turning to espionage, disinformation, market manipulation and disruption of infrastructure.

Saudi Arabia’s unique economic and political position, not to mention its status as a leader in global oil trade, only enhance the bounty for attackers. Facing both targeted and general global threats, the Kingdom has established the National Authority for Cyber Security– comprising head of state security, the head of intelligence, the deputy interior minister and assistant to the minister of defence.

Recently announced by the government, the authority will “boost cyber security of the state, protect its vital interests, national security and sensitive infrastructure”. Its role will only heighten in importance as the Kingdom rolls out bold new economic plans, with unprecedented dependence on sophisticated IT and connectivity.

The Saudi market is known for driving opportunity throughout the region and the emergence of this newly-formed cohort is no different in this respect. As the Kingdom looks to stimulate investment, this offers the regional ecosystem and cyber security specialists a distinct opportunity to provide the advanced tools to securely underpin the future of the nation’s economy.

Related: How Cybercrime Has Changed (Infographic)