The true cost of cybercrime

By Jessica Foreman. Published at Dec 6, 2018, in Opinion

With cyberattacks and online data breaches reported by Facebook, Google and British Airways, and the fallout of a huge attack on the UK’s National Health Service (NHS) now revealed, it seems tougher than ever to keep data safe.

In October, Google announced the closure of Google Plus after a security vulnerability exposed the private data of up to 500,000 users.

Early this year, Facebook acknowledged that Cambridge Analytica, a British research organization that performed work for the Trump campaign, had improperly gained access to the personal information of up to 87 million Facebook users.

Then in September, the social media goliath revealed attackers exploited a vulnerability relating to its ‘view as’ feature. Out of the 50 million people initially thought to have been affected, the company confirmed in October that 30 million had in fact been affected.

The British Airways data breach reported to customers in September could end up costing the company £500 million in fines alone under new European General Data Protection Regulation (GDPR) terms which mean firms can be fined 4% of turnover.

Compensation costs and potential lawsuit settlements would be additional monetary imposts — not to mention the financial impact of any reputational damage.

A report published in October estimated the cost of the May 2017 WannaCry attack, which disrupted services at one-third of NHS trusts and resulted in more than 19,000 GP appointments being cancelled. That cost up to £92m (A$161M) in lost output and £73 million to restore affected data and systems.

The Department for Health and Social Care (DHSC) also disclosed it will spend about £275 million on additional security measures by the end of 2021, in the latest update to its report Securing cyber resilience in health and care.

The report said that to assess the true cost accurately and fully, it would have to collect data from all organisations, which would be a “disproportionate financial burden” on the system.

This summer, Infosecurity Magazine reported more than $1 million is lost every minute to cybercrime, while 1,861 people fall victim to scams.

At the time, security author Raef Meeuwisse told Infosecurity that at both the level of personal and organizational cybersecurity, spending is usually too low.

He said he still has regular conversations where a person will talk about someone they know who has lost a fortune through an online scam, yet there was still reluctance to pay £5 a month for home security software.

It goes without saying that all businesses must closely consider and invest in the right IT solutions to ensure the security of customer and stakeholder data as well as their efficient use and management.

The true cost of cybercrime is rising and the numbers seen in some of the high profile examples above should demonstrate that the scale and scope of this is huge and could happen at any time. Businesses and individuals could, if they’re not careful, lose everything which is why the case for security measures is greater than ever.

S3 Consortium Pty Ltd (CAR No.433913) is a corporate authorised representative of LeMessurier Securities Pty Ltd (AFSL No. 296877). The information contained in this article is general information only. Any advice is general advice only. Neither your personal objectives, financial situation nor needs have been taken into consideration. Accordingly you should consider how appropriate the advice (if any) is to those objectives, financial situation and needs, before acting on the advice.

Conflict of Interest Notice

S3 Consortium Pty Ltd does and seeks to do business with companies featured in its articles. As a result, investors should be aware that the Firm may have a conflict of interest that could affect the objectivity of this article. Investors should consider this article as only a single factor in making any investment decision. The publishers of this article also wish to disclose that they may hold this stock in their portfolios and that any decision to purchase this stock should be done so after the purchaser has made their own inquires as to the validity of any information in this article.

Publishers Notice

The information contained in this article is current at the finalised date. The information contained in this article is based on sources reasonably considered to be reliable by S3 Consortium Pty Ltd, and available in the public domain. No “insider information” is ever sourced, disclosed or used by S3 Consortium.