Transaction fraud, piracy, hacking, advance fee fraud, identity theft – the list of cybercrimes seem endless but the cost is even more mind blowing. It has been estimated that the annual cost of cybercrime to the global economy is almost $600 billion while cybercrime cost to businesses is expected to be over $2 Trillion by 2019.
In April 2016, the world was stunned by the Panama Papers scandal; information leak of ‘sensitive’ offshore financial records which were located on Amazon’ Cloud. Hackers successfully gained illegal assess to 11.5 Million documents and 2.6 terabytes of confidential information from the database of the world’s fourth biggest offshore law firm, Mossack Fonseca.
A failure and weakness in Mossack Fonseca’s cybersecurity made a joke of the need for privacy which its clients craved; perhaps, the essence of its service to them. Clearly, cybersecurity and cybercrime pose an essential concern to Finance Managers and Technology Officers; ensuring adequate Return On Investment (ROI) in cybersecurity solutions.
Here is a starting point for assessing and determining the value of what should be invested in your Cybersecurity:
Determine the value (worth) of data
At the core of every cybersecurity need is figuring out how much data is worth.
The value of the data may be assessed by considering its confidentiality, monetary loss from cybercrime, impact of lack of security on productivity and loss of clients and business partners. While most of these are qualitative items, quantitative value may be placed on them by estimating loss of business and the replacement cost associated with restoring data.
Identify entry points for security threats
An assessment of points of entry through which security threats may crystallise grants a proactive measure to cybersecurity needs. From system crash to file corruption as a result of computer viruses and hacking into servers, emails, websites and various data hosts by unauthorized users, and disclosure of vital information such as passwords, the list of threats to data safety is clearly endless. It’s no doubt that there are evolving points through which data may be lost and it is important to consider the possible points of entry for cyber threats.
Compare cost effective measures to protect data
While cybersecurity is continuous and shouldn’t be treated as a destination or afterthought, it must be cost effective to be deemed necessary. Haven estimated the value of data and potential entry points for cybercriminals, it’s necessary to consider various solutions that can protect IT infrastructure and processes from losses attributable to cybercrime.
There is a need to consider the cost of unified threat management solutions, firewalls, DDoS solutions, advanced threat management systems, access control and if you lack the expertise you could consider managed security solutions from Layer3.
In summary, while evaluating security needs and available solutions, it is important to always consider this – is my investment in cybersecurity sufficient or wasteful?
Click here to contact Layer3 to help you with cost effective measures to tighten lose ends in your IT infrastructure and boost the cybersecurity of your data and processes.
Authors: Akeobi Moro and Kelechi Chukwu