July 19, 2023
Cybersecurity is more critical than ever before. To put the global cost of cybercrime to scale, a November 2020 Cybercrime Magazine article 1 states, “If it were measured as a country, then cybercrime — which is predicted to inflict damages totaling $6 trillion USD globally in 2021 — would be the world’s third-largest economy after the US and China.” Cybersecurity Ventures predicted the cost of cybercrime damages in 2023 to reach $8 trillion.
Globally, every business in every industry must put cybersecurity hygiene at the foundation of their business plan or suffer increasingly devastating consequences.
Defenders and attackers increasingly leverage AI and machine learning techniques to enhance their capabilities, resulting in an escalating arms race in cybersecurity. Statista forecasts that the AI cybersecurity market will increase to $46.3 billion by 20272.
With a projected growth of almost 27% from 2022 to 2023, according to Statista3, cloud security is the fastest-growing segment in the IT security market. Securing cloud data in storage and transmission is a top priority for organizations.
Zero trust architecture is expected to continue to increase, as organizations that did not employ zero trust experience data breach costs $1 million higher than the global average 4. Based on zero trust architecture’s foundation of “never trust, always verify,” zero trust network access (ZTNA) is gaining momentum from the remote work movement. Gartner forecasts that ZTNA will grow by 31% in 20235, as organizations transition from VPNs.
Ransomware attacks have become increasingly sophisticated, damaging, and profitable. A data breach in 2022 cost $4.49M for organizations that paid the ransom and $5.12M for organizations that did not pay the ransom4. As attackers refine their tactics, organizations will invest in robust backup strategies, employee education, and security measures to combat this growing threat.
As ransomware attacks become more prevalent and costly, organizations are turning to cyber insurance to protect their financial losses from a breach. As a result, insurers expect organizations to demonstrate more robust security hygiene to qualify for policies and payouts. According to Fortinet’s 2023 Global Ransomware Report, 41% of organizations with cyber insurance didn’t receive as much coverage as expected, and some didn’t receive any due to exceptions from the insurer6.
Our increased reliance on mobile phones for email, financial transactions, and other transmissions of sensitive information makes them an ideal target for phishing and malware attacks. According to Verizon’s 2022 Data Breach Investigation Report7, 18 percent of clicked phishing emails were on mobile phones.
US homes have an average of 46 connected devices connected to the internet, with home networks experiencing an average of eight attacks every 24 hours8. The increased reliance on smart devices is growing the attack landscape for hackers.
Hiring and retaining staff with the specialized skills required for today’s cybersecurity landscape is difficult, especially for small to mid-size businesses. Businesses are likely to turn to expert security providers as the stakes of a successful attack grow along with requirements for cybersecurity insurance underwriting.
The attention to data privacy and enforcement of related laws is growing. Nine states (California, Colorado, Connecticut, Utah, Virginia, Iowa, Indiana, Tennessee, and Montana) have comprehensive consumer data privacy laws in place. While other states have narrower data privacy laws, expect the trend towards increased consumer protection to continue.
About 9 in 10 data breaches are caused by human error9. Whether from distraction, perceived legitimate emails, or pressure to perform at work, errors occur and can have devastating consequences. Despite technological advances, employee security training will continue to be vitally important.