The latest research done by McAfee in collaboration with the Center for Strategic and International Studies (CSIS) shows that Cybercrime is estimated to cost the world almost 1 percent of its cumulative Gross Domestic Product (GDP) or almost $1 trillion annually. That is apart from the non-monetary losses that companies face which we will mention later. The study is titled, “The Hidden Costs of Cybercrime” and is lead by Zhanna Malekos Smith, Eugenia Lostri, and James A. Lewis.
The study reveals that by their estimates, the world faced a monetary loss of approximately $945 billion due to cybercrime and spent approximately $145 billion on cybersecurity. In comparison, the cost of cybercrime was estimated to be around $600 billion in 2018. That is an increase of around 50% since 2018.
The report mentions, “ransomware and phishing-related schemes have increased dramatically, with cybercriminals actively targeting organizations that include healthcare bodies, pharmaceutical companies, academia, medical research organizations, and local governments.” Only 4 companies out of the 1,500 companies surveyed (from technology professionals in government and business in the US, Canada, Britain, France, Germany, Japan, and Australia) in the study claimed they did not face any sort of cybercrime in 2019. 92% of the companies said the biggest loss was non-monetary like the loss in productivity and lost work hours.
Some of the losses incurred by organizations other than monetary losses include system downtime, reduced efficiency, incidence response costs, brand and reputation damage, damage to employee morale, cyber insurance, IP thefts, and opportunity costs. The average cost to organizations from their longest amount of downtime in 2019 was $762,231.
Despite these statistics, the study found that most organizations did not have plans in place to reduce the effect of security incidents on their operations which is because higher management in these cases is not made aware of the security incidents. More than half of the surveyed organizations said they do not have plans to both prevent and respond to a cyber incident.
SVP and CTO at McAfee, Steve Grobman, said, “The severity and frequency of cyberattacks on businesses continues to rise as techniques evolve, new technologies broaden the threat surface, and the nature of work expands into home and remote environments.”