The accelerating pace of digitalization has led to a record-breaking year for cybercrime. Ransomware attacks saw a whopping 151% increase in the first six months of 2021. On average, there were 270 cyber-attacks per organization in 2021, a 31% increase over 2020, according to the World Economic Forum’s Global Cybersecurity Outlook 2022 report, launched at the Davos Agenda Summit 2022. The cost of breaches to an organization is high, amounting to an average of US$ 3.6 million per incident.

The report, which is based on a survey of 120 global cyber leaders from 20 countries over 2021 across the world, finds that dependence on digital technologies continues to surge at a rapid rate, and so does cybercrime. ‘…We, therefore, need to mobilize a global response to address systemic cybersecurity challenges,’ says Jeremy Jurgens, Managing Director at the World Economic Forum.

Ransomware attacks top concern

Ransomware attacks are increasing in frequency and sophistication. As many as 80% of cyber leaders stressed that ransomware is a dangerous and evolving threat to public safety. The survey also confirms that ransomware attacks are at the forefront of cyber leaders’ minds, with 50% of respondents indicating that ransomware is one of their greatest concerns when it comes to cyber threats.

Social-engineering attacks are the second-highest concern for cyber leaders, finds the study. Cybercriminals are seizing every opportunity to exploit vulnerabilities against people and organizations through technology. They are more agile than ever. Europol, the European Union’s law-enforcement agency, recently reported that organized crime groups recruited hackers for phishing, social engineering attacks, SIM swapping and sending malware to victims to gain control of bank accounts.

Number three on this list is malicious insider activity. Insider malicious activities come from an organization’s current or former employees, contractors or trusted business partners who misuse their authorized access to critical assets in a manner that negatively affects the organization.

What is needed now is to improve the capacity to bounce back quickly from a cyber incident. Cybersecurity is no longer a sufficient tactic – building resilience needs to be integrated into an organization’s strategy. 

87% executives plan to improve cyber resilience

The accelerating pace of digitalization and the shift of our working habits is pushing cyber resilience forward. Four out of five, or 81%, of respondents believe that digital transformation is the main driver to improving cyber resilience, while 87% of executives are planning to improve cyber resilience at their organization by strengthening policies, processes and standards. Cyber leaders and their teams will increasingly be judged by how quickly business operations are restored and how seamless and timely the incident response process was after a successful cyberattack.

MORE FOR YOU...

• IBM’s Obed Louissaint on building talent pipelines
• Microsoft to buy Activision Blizzard for $68.7 billion

Gaps between business and security leaders widen

There are perception gaps between business executives who think their firms are secure, and security leaders who disagree. Some 92% of executives surveyed agreed cyber resilience was integrated into risk-management strategies, but only 55% of cyber leaders agreed.

The survey found that 59% of all respondents would find it challenging to respond to a cybersecurity incident due to the shortage of skills within their teams. While the majority of respondents ranked talent recruitment and retention as their most challenging aspect, business executives appear less acutely aware of the gaps than their security-focused executives.

As digitalization continues to proliferate and new technologies are introduced, cyber risks will inevitably grow, the report adds.