Is cybercrime the greatest threat to every company in the world?
Ginni Rometty, IBM’s chairman, president and CEO, had the following to say at a 2015 IBM Security Summit in New York City when she addressed CISOs, CIOs and CEOs from 123 companies in 24 industries:
“We believe that data is the phenomenon of our time. It is the world’s new natural resource. It is the new basis of competitive advantage, and it is transforming every profession and industry. If all of this is true—even inevitable—then cybercrime, by definition, is the greatest threat to every profession, every industry, every company in the world."
That prophetic commentary was shared in a Forbes post, when some vendor and media forecasts put the cybercrime figure as high as $500 billion annually. Last year, the Microsoft Secure Blog reported that The World Economic Forum estimated the economic cost of cybercrime to be $3 trillion worldwide. That was a six-fold jump in cybercrime damage estimates in just one year.
Cybercrime damage costs are now predicted to reach $6 trillion annually by 2021, according to the latest research conducted by Cybersecurity Ventures—a data point that has been corroborated by major media outlets, leading technology vendors, information security associations, universities offering cybersecurity degree programs, industry experts, and IT analysts.
Cyber threats have evolved from targeting and harming computers, networks, and smartphones to affecting people, cars, railways, planes, power grids and anything with a heartbeat or an electronic pulse. IBM's CEO saw it coming, and she gave us a big-picture view on how it was going to affect businesses globally.
A Twitter poll asked the cybersecurity community if they agreed (or disagreed) with Rometty's assertion that cybercrime is the greatest threat to every company in the world. The poll has received more than 800 votes, with 57 percent agreeing, 28 percent disagreeing, and 15 percent not sure.
Cybercrime affects businesses of all sizes
Cybercrime has no favorites when it comes to company size. Fortune 500 and Global 2000 corporations, mid-sized organizations, and small businesses are hacker and cybercriminal group targets.
“There is no effective law enforcement for financial cybercrime today,” says Herjavec Group founder and CEO Robert Herjavec, who agrees that cybercrime poses the greatest threat to companies globally.
“Organizations need to increase their defenses and become more resilient because there is no end state in sight for this growing cybercrime epidemic. So long as there is a way for cybercriminals to get paid, with limited risk, attacks will continue. The challenge remains that large enterprises aren’t nearly as agile as their attackers,” he said.
The Microsoft Digital Crimes Unit (DCU) states, “Cybercriminals hijack devices, steal personal information, send spam, run phishing scams and target bank accounts. It’s a global problem, and no one organization can solve the issue of cybercrime on its own.”
This is especially true of small businesses that do not employ full-time cybersecurity personnel.
U.S. President Donald Trump, speaking to the Retired American Warriors PAC in Herndon, Virginia, last year (prior to being elected), said, "Cyber theft is the fastest growing crime in the United States by far. [Cyber] attacks like these are happening on a regular basis both in the United States and around the world, and the costs in terms of privacy, our security and our financial sector are truly extraordinary."
Last year billionaire businessman Warren Buffett warned no company could be prepared for a major cyber attack.
"I don't know that much about cyber, but I do think that's the number one problem with mankind," Buffett was quoted as saying in a Business Insider story.
Do companies create cybercrime fear?
However, Gabriel Shonzeit, founder and CEO at IDsecurityonline.com, LLC, disagrees and offered a dissenting view in a LinkedIn post responding to the Twitter poll.
"Companies creating and propagating fear causing individuals and companies to focus on 'threats' instead of fostering trust is the greatest threat," he said. "Breaches come from within, and the current approach is defensive sold based on fear."
Interestingly, Shonzeit had this to say in a press release promoting his firm's ID card printers and photo ID systems to schools: “Nobody should have to live in fear and not be in a secure environment each and every day.”
In reality, it's the cybercriminals who are generating the fears and hacks. Vendors, including Shonzeit, will inevitably draw attention to this sad truth.