The context of the current economic instability, a notable increase in cybercrime has been observed, with experts highlighting a rise in the sophistication of these attacks. Historically, economic challenges have often been paralleled by a surge in cybercrime, as criminals exploit the vulnerabilities of individuals and businesses under financial strain.
Andy Robertson, Head of Cyber Security at Fujitsu UK&I, notes the likelihood of escalated cybercrime in response to the challenging economic climate and potential global recession. He emphasizes a correlation between phishing attacks and adverse economic or social events, pointing out that criminals, too, face financial pressures, possibly driving an increase in such activities.
According to the UK government’s Cyber Security Breaches Survey 2022, 39% of UK businesses reported being aware of cyberattacks on their systems in the past year. The most frequent form of attack was phishing (83%), with around 21% facing more complex threats like denial of service, malware, or ransomware attacks. Despite the lower incidence, ransomware is regarded as a significant threat, with 56% of businesses adopting a policy against paying ransoms.
Ross Brewer, General Manager and Vice President of Europe, Middle East and Africa and Asia Pacific Japan for AttackIQ, comments on the substantial impact of ransomware attacks, including potential financial losses, reputational damage, legal issues, and loss of data and business continuity. He cites the example of a US travel services company paying a $4.5 million ransom to the Ragnar Locker ransomware gang.
Brewer advocates for businesses to prioritize cybersecurity return on investment (ROI) when allocating IT security budgets, particularly in unstable economic periods. He suggests that ROI should consider the potential losses prevented by effective security systems, emphasizing the importance of investing in robust solutions to mitigate risks.
IBM estimates the average cost of a data breach at approximately £3.5 million, with higher costs in regulated sectors like healthcare and finance. The evolving nature of cybercrime, especially with the prevalence of hybrid working models and more sophisticated criminal tactics, necessitates updated cybersecurity measures.
Robertson points out the increasing risk with the transition to cloud and hybrid cloud platforms, often due to inadequate configuration, leading to vulnerabilities. Fujitsu’s investment in cybersecurity reflects this trend, focusing on OT Security, Monitor, Detect and Respond Capability, Cloud Security Services, and Virtual Edge capability, reflecting client demand. Furthermore, Fujitsu has been adapting to the interconnected landscape of security and cloud services, recognizing the need for integrated skill sets in these areas.
The response on these challenges, businesses and individuals are encouraged to adopt comprehensive cybersecurity strategies. Government guidance like the ‘10 Steps to Cyber Security’ offers a framework for protecting organizations, while resources like the ICAEW’s cyber security hub provide additional support for managing cyber risks.