Headline partners:

Microsoft Microsoft

Cyber Attacks Rank as Top Concern for European, Asian & US Firms

Cyber-attacks are the top business concern for those companies located in Europe, East Asia and North America, a wide-ranging survey from the World Economic Forum has revealed.

Over 12,000 business people from 140 countries were polled for the report, named “Regional Risks for Doing Business 2018” which found that cyber-attacks were, globally, the fifth biggest concern for businesses, up three places from eighth last year. However, in Europe, Eastern Asia — China, Japan and Korea — and North America, it jumped to first, showing how the world’s most advanced economies think this a larger concern compared to unemployment or underemployment, which was the biggest concern globally.

Interestingly, unemployment or underemployment was rated as the top concern in only one of the eight regions — Sub-Saharan Africa. However, in six of the other regions, it was rated consistently in the top five, with only North America not considering it a top five concern for business in the next decade.

As the world gets more and more connected, cyber-attacks become more frequent and therefore more of a concern for businesses around the world. Despite the large amounts being invested in cybersecurity — over $101 billion was invested globally into the sector in 2017 — and advanced artificial intelligence being developed to stop attacks, 54% of companies say they experienced a successful attack in 2017, with 77% of those attacked saying this was through an exploit or “fileless” attack.

Fraser Kyne, EMEA CTO at Bromium, a malware solutions company, commented: “Businesses are right to be concerned by the prospect of cyber-attacks threatening them over the next ten years. Despite $114 [billion] being invested in cybersecurity in 2018, businesses are still getting owned with alarming regularity. When looking at the causes of breaches, it’s evident that email attachments, links and downloads are the most common methods used by hackers. Be it HR professionals opening infected CVs from unknown sources, or employees clicking links on malware-riddled social media sites on their lunch break, users provide hackers with an easy route to bypass security.”

He continued: “These simple attack methods are still effective because the architecture cybersecurity is built on is fundamentally flawed, as it overwhelmingly relies on detecting these threats. We’re increasingly seeing zero-day and other polymorphic malware being used to evade detection. Even the more sophisticated detection-based tools that utilize machine learning, AI and behavioural analytics to identify anomalies and patterns can potentially struggle to determine what is good and what is bad — and are certainly never able to be 100% accurate. Malware writers will also innovate using similar tools to make their attacks more effective.”

June 2019

#LTW