The widespread adoption of digital technology is set to spark double trouble for brand owners which suffer data breaches, with soaring fines and loss of business forecast to push the annual cost of cybercrime to over $5 trillion (£4.1 trillion) within five years.
That is the stark conclusion of a new report from Juniper Research, which predicts fines from tougher regulation, including GDPR and the new California Consumer Privacy Act, will only be part of the issue. It is the greater proportion of business lost as companies become more dependent on digital technology that will really hit them hard.
The most expensive data breach to date is the hack attack that rocked Equifax in September 2017. Branded “the greatest security catastrophe of modern times”, the incident affected more than 147 million people worldwide. Following this July’s $700m (£562m) settlement with the US Federal Trade Commission, the total bill – so far – has reached over $2bn (£1.6bn).
An investigation by the UK Information Commissioner’s Office revealed multiple failures at the credit reference agency which led to personal information being retained for longer than necessary and vulnerable to unauthorised access. However, the ICO fined Equifax just £500,000 – the maximum penalty permitted at the time.
But while lax security meant hackers were able to access Equifax data with relative ease, Juniper predicts that even belts-and-braces systems will feel the strain as criminals will up their game in the pursuit of valuable personal information.
It believes hackers will start to employ artificial intelligence to learn the behaviour of security systems in a similar way the technology is currently being used to detect abnormal behaviour. In addition, the research highlights that the evolution of “deepfakes” and other AI-based techniques is also likely to play a part in social media cybercrime in the future.
Despite firms waking up to the crucial role cybersecurity plays, it is not necessarily gaining traction with system users, The Future of Cybercrime & Security 2019-2024 claims. As a result, Juniper Research expects that security awareness training will become an important element in business cyber security practice.
It insists that the gains that can be made by increasing human awareness of cyber threats will make more efficient use of cybersecurity spend, which Juniper Research expects to rise by only 8% a year up to 2024.
Research author Susan Morrow said: “All businesses need to be aware of the holistic nature of cybercrime and, in turn, act holistically in their mitigation attempts. As social engineering continues unabated, the use of human-centric security tactics needs to take hold in enterprise security.”
$700m fine hikes Equifax data breach bill to over $2bn
Equifax first to be hit with maximum £500k data fine
Third-party cock-up triggers Yves Rocher data breach
Teletext sweats as two-year data breach is uncovered
Not quite so ‘Priceless’: Data leak affects Mastercard
Twitter admits GDPR breach after exploiting user data
Monzo squirms again after gaffe exposes pin numbers
Top London estate agent flayed for 2-year data breach
Leicester City FC on hiding to nothing over data breach