CAN $1T KEEP CYBERSPACE SAFE?
THE TYPES OF PROTECTED INFORMATION THAT MOST OFTEN LEAVE THE OFFICE INCLUDE
dubai — Global cybersecurity market is expected to hit $1 trillion mark in next three to five years due to increasing cybercrime activities in corporate world, experts and industry specialists say.
The growing cyberattacks have become a matter of concern for corporates as the activity caused widespread disruption and losses in productivity and growth. The experts urge extra caution to avert cyberattacks in the wake of increasing number of gadgets that might reach at least 20 billion mark by 2020 from an estimated 7 billion today. The annual cost of cybersecurity, which currently stands at $600 billion, is a matter of concern for the businesses across the globe as approximately 868,000 new malwares each day take an average of only 82 seconds to claim its first victim. Cybercriminals attacks mostly large companies, which makes them a more lucrative victim given the multiple attack vectors, and hence pave the way for cybersecurity products and services.
Nick Lazaridis, HP president for Europe, Middle East and Africa, said cybercrime is growing and everything is ‘scary’ in today’s connected world.
“We live now in a hyper-connected world where $445 billion [in 2015] is lost to cybercrimes annually, over 160 large data
There are at least 400 million PCs greater than four years old in offices around the world that are vulnerable in multiple ways Nick Lazaridis, HP president for Europe, Middle East and Africa
Cybercrimes as a whole cost about $600 billion right now which is close to hit a $1 trillion mark in coming years Michael Calce, Canadian IT security consultant
With thousands of threats attacking organisations every day, an efficient cybersecurity definitely pays off Amir Kanaan, general manager at Kaspersky Lab in the Middle East
breaches happened in 2016. We should understand that cybersecurity must be a disruptive force to challenge these problems,” Lazaridis told Khaleej Times.
“There are at least 400 million PCs that more than four years old in offices around the world that are vulnerable in multiple ways,” he said.
Michael Calce, a Canadian IT security consultant who launched denial-of-service attacks in early 2000s at the age of 15 to shutdown Yahoo, CNN, Amazon, eBay and Dell websites, said each data breach is estimated to cost $10 million on average. Effective security systems and precautionary measures should be in place to minimise the chances of cyberattacks on financial institutions, banks and big institutions, said Calce, who is popularly known as ‘mafia boy’ in the corporate world.
Hot zone for cyberattacks
The GCC in general and the UAE in particular has become a hot zone for cyberattacks due to the acceleration of Internet and mobile penetration and relatively high average net worth among residents. Symantec’s latest ‘Internet Security Threat’ report indicates that the UAE was heavily targeted for ransomware last year and 30 per cent of ransomware victims in the country are willing to pay ransom compared to 34 per cent globally.
“Ransomware is very common,” Calce said, adding that large multinationals have to spend more on research and development to counter cybercrimes.
A recent IDG report said IT professionals in the UAE plan to invest 38 per cent of their resources on cybersecurity alone over the next 12 months. According to IDC, maintaining cybersecurity continues to be the number one challenge facing the region’s CIOs, with information security spend across the Middle East, Turkey and Africa set to reach a record high of $2 billion in 2017. The Middle East’s cybersecurity market size is set to grow from $11.38 billion in 2017 to $22.14 billion by 2022, at a CAGR of 14.2 per cent, as forecast by Markets and Markets.
Mohammed Arif, Windows and devices business group lead at Microsoft Gulf, said the threat landscape evolves with the technology eco-system. “As targets for cyberattacks grow, we expect the number of breach attempts to increase,” he said.
Tarek Abbas, systems engineering director — emerging markets, Palo Alto Networks, said the Middle East has been seeing an increase in the number and severity of cyberattacks and data breaches due to the growing dependency on technologies such as cloud and IoT.
As targets for attacks grow, we expect the number of breach attempts to increase Mohammed Arif, Windows and devices business group lead at Microsoft Gulf
He said UAE companies need to adopt a prevention-oriented mindset to keep critical assets safe and ensure that trust in the digital world remains intact. “UAE businesses should take advantage of automated sharing of threat intelligence to enhance prevention and minimise the spread of attacks,” he said.
The UAE, which ranked 26th globally for ransomware attacks by Symentec, is only behind Saudi Arabia (20th) in the Middle East and Africa region. Symantec also found that one in 136 mails in the UAE contained a malicious link or attachment. Large enterprises (more than 2,501 employees) in the UAE received the most e-mails containing malware and phishing while small enterprises with less than 250 workers received the most spam.
“A recent report by Kaspersky Lab on measuring the financial impact of IT security on businesses found that on average, a single cybersecurity incident costs large businesses $861,000, while SMBs end up paying $86,500,” said Amir Kanaan, general manager at Kaspersky Lab in the Middle East.
Most alarmingly, he said the cost of recovery significantly increases depending on the time of discovery. SMBs tend to pay 44 per cent more to recover from an attack discovered a week or more after the initial breach, compared to attacks spotted within one day.
Furthermore, enterprises pay a 27 per cent premium in the same circumstances. Overall, businesses expect to hike IT security budgets at least 14 per cent over the next three years due to the increased complexity of IT infrastructure, he said.
“We believe successful security strategies for businesses lie in a more balanced approach to allocating resources — not just spending on compliance, but also investing more in protection from advanced targeted attacks, paying more attention to employee security awareness and getting better insights on industry-specific threats,” Kanaan concluded.