Growth & Jobs | ‘Not investing in cybersecurity could be your most expensive mistake’ | News
AS MORE local businesses make the leap into the digital space, a local expert is urging them to pay serious attention to cybersecurity.
“Forty-four cyberattacks are launched every second of every day,” Dwayne Brown, cybersecurity executive at the JN Group pointed out, based on global statistics, as he addressed business leaders.
Brown informed the group that over the past three years, there has been an exponential increase in global cyberattacks, costing companies, including those in Jamaica and the Caribbean, billions of dollars in losses.
The JN Group executive was addressing the Institute of Chartered Accountants of Jamaica’s annual business conference on the topic of ‘Digitisation and the Business of Cybersecurity’.
Quoting a report by Check Point Research (CPR), a multinational technology company, Brown said that from mid-2020 through to the end of 2021, there was an upward trend in the number of cyberattacks globally. This trend reached an all-time high at the end of 2021, peaking at 925 cyberattacks a week per organisation, globally. Overall, in 2021, researchers saw 50 per cent more attacks per week on corporate networks, compared to 2020.
Further, he pointed to an IBM 2021 report that found that the average global cost of a data breach climbed to over US$4 million per company. That’s a 10 per cent increase, compared to US$3.92 million in 2019, due to “drastic operational shifts” caused by the COVID-19 pandemic. The figure stood at US$3.86 million in 2020.
Brown said that to understand how crucial it is to prevent cyberattacks, “consider the average time required to identify and contain each type of compromise”.
He explained that it takes a staggering 327 days to identify and contain a compromise through stolen credentials. The number drops to 295 days for phishing and 244 days for cloud security breaches.
Emphasising that these are ‘average’ durations, the cybersecurity expert said the common saying, ‘time is money’, becomes critical in an evolving cyber-threatened landscape.
“I must admit that we live in a society where there is a culture of reacting after the fact, but I warn that this is not the approach businesses want to take when it comes to cybersecurity. Not investing in cybersecurity could be your organisation’s most expensive mistake, and could even result in its ultimate ruin,” he warned.
Ryan Meeks, manager of development, security and operations and applications security at Symptai Consulting Ltd, who also presented at the seminar, further disclosed that the Caribbean experienced 144 million cyberattack attempts in the first six months of 2022, with ransomware being the most common breach.
The data showed that Guyana had the most cyberattacks with 71 million, while Suriname experienced 16 million, Barbados was third with 13 million attempts, and Jamaica fourth with 12 million cyberattack attempts.
Meeks revealed that companies in Latin America and the Caribbean paid out approximately US$124 million in the first half of 2022 for ransomware attacks.
He noted that cyber breaches not only cost companies millions of dollars in losses, but can also impact their reputation and their relationship with stakeholders and customers. “If, for instance, a company is hacked, and they don’t handle it correctly, it can ruin their reputation. Your brand can be destroyed, so something that took years to build can be destroyed in just a second. Do you really want to take that risk?”
Meeks said a lack of investment in effective cybersecurity can also impact the country’s prospects for economic prosperity and foreign investments.
“If outsiders see where the country is not finding a framework that will better deal with cyberattacks, people are not going to want to invest in the country or invest in our businesses. They’re going to say it’s too risky.”
Meeks advised that, on average, companies should be spending at least three to six per cent of their IT budget on cybersecurity. “If you add in compliance spending as part of security, that’s another three to six per cent of the IT budget. If you include business continuity spending, that’s another two per cent, bringing it to 10 to 14 per cent of the total IT budget,” he outlined.
He urged businesses to conduct regular security reviews to ensure that they have the right systems in place to withstand future cyber breaches.
editorial@gleanerjm.com
Gloss