The Cybersecurity Imperative
Managing cyber risks in a world of rapid digital change
“We are in a cybersecurity arms race, and the hackers are winning. Over the years, we have tested thousands of companies. There is always a way in."
Kevin Mitnick, Chief Hacking Officer, KnowBe4
By 2021, cybercrime is likely to cost the world $6 trillion annually*—more than the combined GDP of the UK and France. As companies embrace the latest digital solutions and respond to rising regulations, cybersecurity has become a top management priority across industries and markets.
But cybersecurity is a moving target: as companies embrace new technologies, so do hackers. The reluctance of firms to share cybersecurity information makes benchmarking and planning more challenging.
To fill this gap, ESI ThoughtLab joined with WSJ Pro Cybersecurity and a group of prominent organizations to launch The Cybersecurity Imperative, a thought leadership program drawing on rigorous global research and analysis. As part of this program, we surveyed 1,300 organizations across industries and countries, conducted advisory meetings and interviews with leading experts and practitioners, and developed analytical tools to benchmark approaches and assess performance impacts.
*According to Cybersecurity Ventures
The Economics of Cybersecurity
"As companies put everything on a digital platform and introduce IoT-operated devices, they create more attack points - which can have critical impacts on business beyond just personally identifiable information."
Scott Laliberte, Managing Director, Protiviti
Digital innovation is a double-edged sword: while it improves business results, it also exposes organizations to greater cyber threats. These risks rise as companies embrace new technologies, such as AI and Internet of Things, as they move to open platforms and cloud-based systems.
The Cybersecurity Imperative Pulse Report
In April-May 2019, ESI ThoughtLab surveyed 467 firms to gain insights into their latest cybersecurity perspectives, plans, and practices (see research background on next page). The survey revealed that on average CISOs are increasing their cybersecurity war chests by 34% in the next fiscal year, after raising investments by 17% the previous year. Some industries, such as financial services and industrial manufacturing, plan to boost spending by as much as 40% next year, and companies with over $10 billion in sales will bolster their budgets by a hefty 49%.
Cyber risks with the largest growth over the next two years
Although the most common attacks are now malware/spyware and phishing, the growing use of supplier ecosystems, embedded systems, and mobile and web applications will escalate risks.
Executives expect to see huge growth in attacks through third parties with network access (+247%), and also the reverse: attacks on partners and vendors through their own systems (+284%).
The Cybersecurity Benchmarking Database
To cope with rising cyber risks, companies are increasing their cybersecurity investment 7% this year and 14% next year. On average, companies with revenue between $250m-$1b will spend $2.9m next year; $1b- $5b ($5.7m); $5b-$20b ($10.7m); and $20b+ ($16.8m). Next year, these firms plan to allocate 39.3% of their cybersecurity budgets to technology, 30.7% to process, and 30% to people. To learn more, take a look at our new database, Cybersecurity Benchmarks 2018
Companies boost budgets to fight evolving cyberattacks
Budgets will increase 34% next year, according to a global survey conducted by ESI ThoughtLab and WSJ Pro Cybersecurity . . .
US and Canada lead the world in cybersecurity maturity
A report from ESI ThoughtLab and The Wall Street Journal - in collaboration with consultancy partners Protiviti and Willis Towers...
Most executives around the world see untrained staff as the greatest cyber risk
The majority of executives (87%) around the world cite untrained staff as the greatest cyber risk to their business...
Why digital transformation puts you at greater risk for cyberattacks
Companies that do not keep up with their digital transformation initiatives may see a $1 million or more...
Damage to cybercrime can run in billions
Due to rapid digitization, cybersecurity risks are increasing rapidly and companies can hardly keep up.
Executives expect to see 247% spike in cyberattacks through third party access over the next two years
Third parties are the fastest growing of the many significant cyber risks revealed by ground-breaking new global study...
Digital transformation increases risk of cyberattacks
The drive to digital transformation is exposing companies to higher and more costly cyber risks according to a new study of over 1,300 businesses...
At ESI ThoughtLab, we are committed to creating visionary thought leadership and evidence-based decision support to keep organizations at the forefront of market change. For more information, please contact us.