- Cybercrime is expected to incur annual global costs above $6 trillion by 2021, rising in conjunction with cybersecurity costs, according to a Cybersecurity Ventures report. Cumulative cybersecurity spending is expected to top $1 trillion over the next five years. By next year, spending is expected to rise from 2017's $86.4 billion to $93 billion.
- Cybercrimes are the fastest-growing crime as size, sophistication and cost rise, reports CNBC. Data breaches increased in size 1.8% in 2017, which amounts to an average of more than 24,000 records per breach.
- As ransomware attacks are expected to hit an organization every 14 seconds by 2019, a severe shortage in cybersecurity labor — expected to reach 3.5 million unfilled positions by 2021, compared to 2014's $1 million — may be the greatest threat to cybersecurity, according to Cybersecurity Ventures. But 2018 may be the "Year of Security Awareness Training" as cybersecurity programs for employees rises to $10 billion over the next decade.
Between learning just how bad years-old data breaches were and combing through endless reports on new ones, 2017 was not the most optimistic year for cybersecurity. And reports like this paint a bleak picture of the future.
Millennials and women, two underrepresented groups in the cybersecurity workforce, will be key in combating the shortage of security professionals. But adequate, let alone great, cybersecurity requires equal measures of quantity and quality.
Human error, from an overlooked patch to clicking on a seemingly innocuous email, can cause devastating effects for a company, economy and nation. Improving baseline cybersecurity practices through routine employee training and retraining is critical for companies moving forward.
Costs in the trillions of dollars and record losses in the tens of thousands are hard foes to stand up against alone. CIOs, CSOs and other decision makers should also focus on a comprehensive protocol and a comprehensive plan of action to assess the situation, fortify exploited weaknesses and disclose to the appropriate authorities.
After all, a botched handling of a breach can hit the recovery and company reputation just as hard.