Costly Cyber Crime

Visual Capitalist reports that cybercrime has big-time implications and estimates show that $5.2 trillion worth of global value, is at risk from cyber attacks, in the next 5 years. This is a strange crime where, due to complexities, the fraud investigation costs appear to be, higher than the fraud itself.
 
What constitutes cybercrime?? Experts categorize them into 4 groups.....
Malware, web-based attacks, denial of service and malicious insiders. While the first two are distressing, as huge information loss takes place, the third one additionally, disrupts the business. However, the insider led crime is the most vicious, as it grinds everything to a halt.
 
Raconteur has published data of 11 leading nations indicating the enormity of the effects of cybercrime. Undoubtedly, the USA tops the list with known costs of $27.4 million, followed by Japan of $13.6 million, Germany  $13.1million, UK 11.5 million, France $9.7 million. Other big nations reeling under the ill effects of such crime are Singapore, Canada, Spain, Italy, Brazil and Australia. Many countries do not have reliable data and I am sure India must be no less affected.
 
Evidently, the Banking industry is most prone to such ingress in their IT systems and data shows losses in 2018, totalling $18.4 million. Utility and software are also big losers in the same range. The auto industry has shown a 50 per cent increase in cyberattack hits last year, while travel and life sciences have faced 100 per cent more virulence in cybercrime losses. Even the media reported $9.2 million worth of fraud effects. Visual Capitalist finds 67 per cent overall enhancement in cyberattacks, which is an acute warning to all industry leaders.
 
The logical question is what steps can be taken to mitigate the consequences of this new crime, which has menacing proportions? Accenture has done a study and recommended nine technologies that can help. The most significant is" security intelligence and threat sharing " followed by the use of automation and Artificial intelligence.

Cybersecurity sensitivity, culminating in a company strategy,  will help the most. Cryptography technologies, clever steps for identity and access management, measures to prevent data loss, compliance of all governance risks, will ensure better preparedness to deal with such eventualities.
 
One company I know has an SOP of changing email ids of all staff every month, without fail. The loss of reputation when an individual email id is hacked is itself stupendous, as I experienced recently. Extrapolate to a full organisation and you can imagine its monumental image loss.
 
India is a huge country where the stakes are large, especially of insider attacks, one of which came to light last month.
A strict cybersecurity policy needs to be in place quickly, through a multidisciplinary team of the govt, where all major ministries and state governments are represented. A clear cut SOP must be created with clear delineation of respective responsibilities. In case of a major attack, the National Disaster Management Team will also have to move in to mitigate repercussions. Defence Ministry has to carefully and scrupulously create an even more stringent SOP, as defence secrets are very vulnerable from crack attackers.

The watchword is "advanced perimeter control" as Accenture puts it succinctly.