Cybercrime could cost companies $5.2tn in five years

The report outlines three steps businesses can take to protect themselves.
21 January 2019

A person works at a computer during the 10th International Cybersecurity Forum in Lille. Source: AFP

Cyber attacks could account for a loss of US$5.2 trillion from global business in the next five years, according to a new report by Accenture.

That figure would come from a combination of additional costs and lost revenue incurred by such attacks, as dependency on digital business models outpaces the ability to implement adequate safeguards.

The report, Securing the Digital Economy: Reinventing the Internet for Trust, was based on a survey of more than 1700 CEOs and other c-suite executives around the globe, set out to explore ‘internet-related challenges’ facing businesses today, and imperatives for CEOs’ evolving role in technology, business architecture, and governance.

Cybercrime emerged as one of the most pressing issues, with a range of malicious activities posing a threat to business operations, innovation and growth— and the costs of protecting against them— amounting to trillions in dollars in lost revenue.

The high-tech industry faces the highest risk, with more than US$753 billion hanging in the balance, followed by the life sciences and automotive industries, with $US642 billion and US$505 billion at risk, respectively.

“Internet security is lagging behind the sophistication of cyber-criminals and is leading to an erosion of trust in the digital economy,” said Omar Abbosh, who leads Accenture’s Communications, Media & Technology operating group globally.

“Strengthening internet security requires decisive— and, at times, unconventional— leadership by CEOs, not just CISOs. To become a cyber-resilient enterprise, companies need to start by bringing CISOs’ expertise to the board, ensuring security is built-in from the initial design stage and that all business managers are held responsible for security and data privacy.”

Among the key findings: Four in five respondents (79 percent) believe that the advancement of the digital economy will be severely hindered unless there is dramatic improvement to internet security, and more than half (59 percent) of respondents said the internet is getting increasingly unstable from a cybersecurity standpoint and they are unsure how to react.

At the same time, three-quarters (75 percent) of respondents believe that addressing cybersecurity challenges will require an organized group effort, as no single organization can solve the challenge on its own. With heightened concerns about internet security, more than half (56 percent) of executives would also welcome stricter business regulations imposed by a central organization or governing body.

“The internet wasn’t built with today’s level of complexity and connectivity in mind, which is why it takes just one click — whether inside or outside the company walls — to fall prey to a devastating cyber attack,” said Kelly Bissell, senior managing director of Accenture Security.

“No organization can tackle the challenges posed by cyber threats on its own; it’s a global challenge that needs a global response, and collaboration is key.

“To shape a future that thrives on a strong and trustworthy digital economy, senior executives need to look beyond the bounds of their organization, team with an ecosystem of partners, and secure their entire value chains — across every partner, supplier, and customer.”

The rapid emergence of new technologies is creating additional challenges, as four in five respondents (79 per cent) admit that their organization is adopting new and emerging technologies faster than they can address related cybersecurity issues, with three-quarters (76 percent) noting that cybersecurity issues have escaped their control due to new technologies such as the internet of things (IoT) and the industrial internet of things (IIoT).

A majority (80 percent) also said protecting their companies from weaknesses in third parties is increasingly difficult, which isn’t surprising given the complexity of today’s sprawling internet ecosystems.

Also, on the minds of many senior executives: consumer data protection. Fueled by security concerns, 76 percent of respondents believe that consumers can’t trust the safety of their online identities when too much of their personal data is already available without restrictions.

Next steps

The study outlines three actions that CEOs and other c-suite leaders can take to help improve the safety of the internet:

# 1 | Governance

Join forces with other companies and govern globally – Step up efforts to collaborate with other top executives, government leaders, and regulators to better understand how to prevent new cyber attacks.

# 2 | Business Architecture

Connect and protect with a model run on digital trust – Become brilliant at the basics of cybersecurity. Fully protect business across the entire ecosystem of partners and supply chains.

# 3 | Technology

Advance businesses and enhance safety  Embrace new technologies, master IoT security, and prepare for the quantum challenge. Ensure that software security and update functions are embedded into mobile and IoT devices from the initial design.