A report out by Cybersecurity Ventures predicts global annual cybercrime costs will grow to $6 trillion by 2021.
While a $6 trillion estimate might be a little high, “a trillion dollars plus is a real possibility,” says Larry Ponemon, chairman and founder of the Ponemon Institute. Though this isn’t a number he saw coming down the pipeline. “If you asked me five or six years ago, I’d fall over,” he says.
The predicted cybercrime cost takes into account all damages associated with cybercrime including: damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm. It does not include the cost incurred for unreported crimes.
Other research has shown that the cost of cybercrime increases the longer it takes to detect it, if it’s detected at all. According to the Ponemon Cost of Data Breach report, the longer it takes to find and resolve a breach, the more costly it will be for an organization. Breaches identified in fewer than 100 days cost companies an average of about $1 million less than those that take more than 100 days to be discovered, according to Ponemon. And in the 2016 Dark Reading Security Salary Survey, 9% of IT and infosec pros don’t even know if they’ve been breached. A study by The Office of National Statistics for England and Wales found that most cybercrimes go unreported.
The Cybersecurty Ventures report, which is a compilation of cybercrime statistics from the last year, also predicts that the world’s cyberattack surface will grow an order of magnitude larger between now and 2021.