Companies lost $4.7 million on average last year from cyberattacks, while more than one in 10 lost over $10 million, according to a new report from a collaboration of cyber and risk management firms.
The latest survey by ESI ThoughtLab found that companies see internet-connected devices (Internet of Things) and shadow IT, such as the use of unapproved cloud applications, as its most significant vulnerabilities. Email servers and employee-owned devices with network access also ranked as high threats.
“As we go deeper into the digital age, cybercriminals are becoming much more sophisticated and well-funded,” said Brian Hengesbaugh, Partner and Global Chair of Data Privacy and Security, at the law firm Baker McKenzie. “Companies and industries that have never had to deal with such risk before are now having to prepare.”
The survey found the number of companies affected by cybercrime, such as a ransomware attack, jumped from 57% to 71% over the past year.
Last year total malware attacks reached 857 million according to independent virus rating organization AV Test; in the first quarter of 2019 alone, the number rose to 901 million.
There’s another growing threat surveyed companies reported.
Over the past year, malicious insider threats have doubled, with 57% now citing a large or very large impact compared to 29% in the 2018 survey.
“In the past, organizations underestimated the impact of insider threats, but they are also worsening as technology— particularly the cloud—makes data more accessible and its movement easier. Attacks by state-sponsored hackers are also often made possible by collaboration with insiders,” the report said.
Chief Information Security Officers plan to increase cybersecurity investments by 34% in the next fiscal year, according to the report.
Chivaroli and Associates Insurance Services is a full-service brokerage firm specializing in the custom-design and placement of insurance and alternative risk funding solutions for your healthcare organization.