Cybercrime now costs the world economy more than $1 trillion, or just more than one percent of global GDP, which is up more than 50 percent from a 2018 study that put global losses at close to $600 billion, according to a new report by cybersecurity company McAfee.
The report titled “The Hidden Costs of Cybercrime,” also explores the damage reported beyond financial losses, finding 92 percent of companies felt effects beyond monetary losses.
“The severity and frequency of cyberattacks on businesses continues to rise as techniques evolve, new technologies broaden the threat surface, and the nature of work expands into home and remote environments” said Steve Grobman, SVP and CTO at McAfee.
He says there is a need for “a greater understanding of the comprehensive impact of cyber risk and effective plans in place to respond and prevent cyber incidents given the 100s of billions of dollars of global financial impact.”
Two-thirds of respondents’ organizations reported downtime in 2019 and the average cost to organizations from their longest amount of downtime in 2019 was $762,231.
IP theft and financial crime pose the greatest threat to companies and account for at least 75 percent of cyber losses, says the report which focuses on the significant financial and unseen impacts that cybercrime has worldwide
Damage to companies also includes downtime, brand reputation and reduced efficiency and 56 percent of surveyed companies said they do not have a plan to both prevent and respond to a cyber-incident, according to the report.
Out of the 951 organizations that actually had a response plan, only 32 percent stated the plan was effective, says the report based on interviews with 1,500 IT and line of business decision makers online.
Thirty-three percent of surveyed organizations said IT security incident resulting in system downtime cost them between $100,000 and $500,000.
As a result of system downtime, organizations lost, on average, nine working hours a week leading to reduced efficiency. The average interruption to operations was 18 hours.
The report says it took an average of 19 hours for most organizations to move from the discovery of an incident to remediation.
According to the McAfee report, 26 percent of the respondents identified damage to brand from the downtime experienced because of a cyber-attack.