Global Cyber Crime Costs to Reach $10.5 Trillion by 2025: What SMEs Need to Know.

0
1667
#image_title

Experts at CyberSecurity Ventures anticipate that global cyber crime costs will grow by 15% each year over the next five years, reaching a staggering $10.5 trillion USD by 2025.

As cyber criminals become increasingly sophisticated and organised, the threat to businesses in the UK continues to grow. 

Interestingly over half of cyber attacks are carried out on SMEs, highlighting that it isn’t just the large, global corporations that are at risk. Research also suggests that just 58% of SMEs feel safe against cyber attacks, with 73% of those caught out by scammers having to pay some form of ransom fee.

What’s more worrying is the fact that within 6 months of a breach, 60% of small enterprises go out of business. Remember, it’s not just the immediate financial repercussions that need to be considered. When systems are taken offline, customer orders cannot be processed. There’s also the reputational damage that’s inevitable if customers feel their sensitive information has been compromised.

But when it comes to preventing breeches, Ben Jarvis, product manager of ECI business supplies division, says that hybrid working has introduced barriers to protection that were not there before.

“With teams working remotely, a business has far less control over how the network is accessed. People may be using their own devices to access the system and even the most tech-savvy individual can fall victim to cyber crime. 

“Criminals use a range of tactics, from hacking – where the aim is to access and potentially sell important data – to malware or ransomware attacks. The latter two methods involve a form of malicious software being installed within a system, usually via a phishing scam, and then encrypting the businesses data. This is where anti-virus software can act as a vital barrier to prevent this from happening – either blocking certain emails or notifying teams if something looks suspicious.”

“Devices that aren’t in the office are exposed to a wider variety of threats because security at home is likely to be less secure than in a company office location,” said David Corlette, VP of product management at VIPRE Security. 

“This increases the need to choose a solution that is known to provide robust protection, particularly in the network protection area. Additionally, it heightens the drive for companies to provide security awareness training for their employees working at home – especially as there will be no IT security admins looking over their shoulders to make sure they aren’t making mistakes.”

Conscience

The notion that the internet can be a dangerous place has been around for a while now. With that said, as headlines continue to pop up every month about a new breach, risk, or tactic, questions arise as to how seriously businesses are really taking these threats.

“It’s pretty much accepted by at least all medium and large sized organisations, that anti-virus/anti-malware software is a basic necessity for business IT,” said Adam Seamons, Information Security Manager at GRC International Group. “However, I believe there is still a reluctance from SMEs to spend money on IT security, which will likely be exaggerated with the economic situation. 

“Organisations will no doubt see IT and security as a place to reduce costs and cut corners. I’ve personally seen many examples of small businesses doing things such as using free antivirus software, which is designed for individual use consumers, rather than installing the appropriate business security products.”

Role of Resellers

With the shift to hybrid working and increasing business costs playing into the hands of hackers, the question shifts to who will help the unprotected?

As resellers have a direct relationship with businesses, they may be seen as an obvious place to start to answer that question. Seamons continued to say that impartiality needs to remain at the heart of any security questions businesses have for their supplier. 

“The focus for resellers is to make money, and while they are an important part of the solution, it’s necessary to recognise that their primary goal is financially driven, and customer security falls secondary. 

“As a result, it’s critical that organisations look for impartial security advice, rather than being sucked into the industry hype or marketing flash. This is no mean feat, but it’s becoming easier now that government advice is maturing, and there are many security advocates out there that provide sound advice for SMEs.”

Corlette agreed, adding that the challenge for resellers is to sacrifice margin to supply the right solution to each of their customers. 

“Resellers can play a big role in providing the correct solution because they provide advice and guidance as to which solution is the right choice for a given business, based on factors such as their risk profile, what devices they have, and what type of network architecture they use. 

“However, resellers can sometimes be driven by margin, meaning they prioritise selling one vendor’s solutions over another because of profit, rather than the solution’s features and efficacy. Instead, customers should ask the reseller to explain why a given solution is recommended, and provide several alternatives with pros and cons that are aligned with their business needs.”

Trusted Partner

While resellers may be bashed for not supplying their customers with the solutions that are in their best interest, it makes no sense for those resellers to essentially sell faulty goods. 

One of the unique selling points of the reseller model is the trust that exists between businesses and their sales director, something that Sohin Raithatha, CEO at Redsquid touched on.

“It is increasingly important for MSPs such as ourselves to take on the role of a trusted partner, and not just a provider of technology. This is a role we carry out with pride, as we recommend the technology that will keep our customers safe, not just now, but also in the coming years. In the end, many of the risks sit with the end users and this is an area we have a big focus on at Redsquid. 

“Cyber Security Awareness training is a recommendation we will make to every single company, to make sure their users know how to navigate among the threats that land on their machines every single day. 

“You can have all the security in the world, and that will stop most of the attacks, but you still need your users to be aware of those last attacks that do get through. Cyber criminals are increasingly finding new ways in, and with that in mind, the technology continuously has to change as well. The key is that no solution is enough on its own any longer, so any organisation must take a more holistic approach to their security that involves every single endpoint and user included.”

State of play

When it comes to the solutions themselves, protecting businesses is an evolving discipline as technology evolves. However, solutions need to be simple to understand, install, and use. 

As Laurence Bentley, head of cyber security at Core to Cloud, says, as technology continues to evolve and the threat of cyber-attacks becomes increasingly sophisticated, it’s essential for businesses to stay up-to-date with the latest trends in anti-virus software. 

“In the next 12 months, there are several key trends that I expect to emerge or grow in this area. Artificial intelligence (AI) and machine learning (ML) will play an increasingly important role in anti-virus software to detect and neutralise threats in real-time, providing more effective protection against cyber-attacks. On top of this, the use of behavioural analysis will become more prevalent to detect and neutralise threats, providing an additional layer of protection against cyber-attacks.

“Anti-virus software will become part of a broader security solution that includes firewalls, intrusion detection and prevention systems, and data encryption. With more businesses relying on cloud-based systems to store and access data, cloud-based anti-virus solutions will also become an essential component of any cybersecurity strategy.

“In conclusion, the next 12 months are likely to see continued innovation in anti-virus software as businesses seek to stay ahead of cyber threats and protect their operations, systems, and data. By keeping up-to-date with the latest trends and investing in the right solutions, businesses can ensure that their cybersecurity strategies remain effective and keep pace with the evolving threat landscape.

Incoming threats

As for the security breaches that may come in, frustratingly, the trends we see in protection are mirrored in the viruses that businesses may succumb to.

AI and Machine Learning headlined Bentley’s predictions for the next 12 months, but he added that he expects the same tactics of fileless malware and ransomware to continue.

“The threat of malware and viruses continues to be a significant concern for businesses of all sizes, making it essential to stay up-to-date with the latest trends in this area. In the next 12 months, there are several key trends that I expect to emerge or grow in the world of malware and viruses.

“Ransomware attacks involve the encryption of a company’s data, with the attacker demanding payment to restore access. The use of ransomware attacks is expected to increase in the coming year, making it essential for businesses to have robust protection in place.

“Supply chain attacks involve the exploitation of a vulnerability in a third-party supplier’s systems, with the attacker using this vulnerability to gain access to a company’s systems. The use of supply chain attacks is expected to increase in the coming year, making it essential for businesses to have a comprehensive security strategy in place.

“The next 12 months are expected to see continued innovation and evolution in the world of malware and viruses. By staying up-to-date with the latest trends and investing in the right solutions, businesses can ensure that their cybersecurity strategies remain effective and keep pace with the evolving threat landscape.”