A new study on the cost of cybercrime, spanning across 11 countries in 16 industries, has revealed that the healthcare industry has experienced a slight drop in cybercrime costs, year-over-year.
Now in its ninth year, the Cost of Cybercrime Study from Accenture includes interviews of more than 2,600 senior leaders from 355 companies across an array of sectors. According to the report’s authors, “Our research found that cybercrime is increasing, takes more time to resolve and is more expensive for organizations. But we also found that by improving cybersecurity protection, cybercrime costs can be reduced and new revenue opportunities realized.”
Across all industries, the findings revealed:
- The expanding threat landscape and new business innovation is leading to an increase in cyberattacks—the average number of security breaches in the last year grew by 11 percent from 130 to 145.
- Organizations spend more than ever to deal with the costs and consequences of more sophisticated attacks— the average cost of cybercrime for an organization increased $1.4 million to $13 million (U.S.).
- Improving cybersecurity protection can decrease the cost of cybercrime and open up new revenue opportunities—the researchers calculate a total value at risk of $5.2 trillion globally over the next five years.
- The health sector experienced an 8 percent decrease in cybercrime costs year-over-year.
What’s more, the cost to companies from malware and “malicious insider”-related cyberattacks accounted for one-third of the total $13 million cost to companies, on average, from cybercrime in 2018, an increase of 12 percent in the past year.
Accenture researchers outlined three steps to unlocking the value in cybersecurity:
- prioritizing protecting people-based attacks, as countering internal threats is still one of the biggest challenges with a rise in phishing and ransomware attacks, as well as malicious insiders;
- invest to limit information loss and business disruption: Already the most expensive consequence of cyberattacks, this is a growing concern with new privacy regulations such as GDPR and CCPA;
- and target technologies that reduce rising costs, by using automation, advanced analytics and security intelligence to manage the rising cost of discovering attacks, which is the largest component of spending.