2020 will be remembered most as the year the world was swept up in the COVID pandemic. Dig a little deeper and you’ll find another alarming news story: 2020 was a record breaking year on the Cybersecurity front. There was more data lost in breaches and a higher number of cyber attacks than ever before.
The bad news doesn’t end there — it became clear over the course of the year that cyber threats have become far more sophisticated than in previous years. Threat actors, often working within coordinated hacker groups, are wielding tools like machine learning and AI and taking full advantage of the advances in 5G technology.
Chuck Brooks, President of Brooks Consulting International and a prominent thought leader in the cybersecurity space, highlights several key concerns for 2021 in a recent Forbes article, “Alarming Cybersecurity Stats: What You Need To Know For 2021.”
Cybersecurity Readiness: How prepared are we for emerging Cybersecurity threats?
Brooks is blunt in his assessment of the state of readiness for most entities: it’s “dismal.” Despite a clear need to improve what Brooks calls our “cyber-hygiene,” most organizations are failing to take steps like strengthening passwords, patching software, and using multi-factor authentication. As evidence, Brooks points to several recent research revelations:
- 78% of organizations lack confident in their company’s Cybersecurity posture and 91% have increased their 2021 budgets – Yahoo
- A paltry 5% of folders stored on company networks are properly protected – Varonis
- Around 80% of senior IT and IT security leaders feel their organizations are not sufficiently protected against cyberattacks, despite increased investments made in 2020. Still, only 57% conducted a data security risk assessment in 2020 – Yahoo
- More than 90% of all healthcare organizations reported one more more security breaches over the past three years – Becker’s Hospital Review
- The FTC received 1.4 million reports of identity theft in 2020, double the number from 2019 – WeLiveSecurity
The Economics of Cybersecurity: Cybercrime is outrageously expensive.
Brooks highlights several stats related to the cost of cybercrime to organizations, domestic and global economies. Recent figures are heart-stopping:
- Cybercrime is set to cost the world $10.5 trillion annually by 2025 – Cybersecurity Ventures
- Every minute, $2.9 billion is lost to cybercrime; top companies pay $25 per minute due to cyber security breaches – RiskIQ
- The average cost of a data breach rose to $3.86 in 2020 – Dice
- The Cybersecurity market is forecasted to be worth $403 billion by 2027 – CE Pro
Cyber Threats Are Evolving.
Brooks cites an article from Dark Reading that examines a trio of threat reports. The article stresses that phishing will remain a primary risk in 2021, but we can also expect to see newer emerging threats that utilize deepfakes and disinformation. Brooks references several other alarming stats on emerging cyber threat approaches:
- Malware increased by 358% and ransomware increased by 435% in 2020 – Help Net Security
- 100,000 malicious websites and 100,000 malicious files are in play every day throughout the world, and 87% of organizations have experienced an attempted exploit of a known vulnerability – Globe Newswire
- Google has registered more than two million phishing sites as of January, 2021, an increase of 27% over the previous 12 months – Tessian
- There was a new ransomware victim every 10 seconds in 2020 – Infosecurity Magazine
- “Next gen” supply chain attacks grew 420% in 2020 – Sonatype
At-Risk Data: What do we have to lose?
Data runs the world at this point. From Fortune 500 companies to governmental agencies to healthcare and non-profit organizations, data in all its various forms is crucial to operations. It’s no exaggeration to say that data breaches and cyber attacks put our well-being and safety at risk. Brooks notes that at-risk data is growing, with the number of Internet connected devices expected to increase from 31 billion in 2019 to 35 billion in 2021 and 75 billion in 2025.
Though the stats are, indeed, alarming, Brooks stresses that all is not lost. Organizations that consider these figures a call to action will be poised to counter the ever-present threats posed by cyber criminals. As Brooks notes, organizations must accept the challenge to adapt data into a “functional and agile risk management strategy.”
Read more about Brooks and what organizations need to know for 2021 at Forbes.