Shulou(Shulou.com)06/01 Report--

As digitization continues, businesses 'reliance on IT infrastructure availability is growing exponentially, but the truth is that many people don't understand the true extent of its impact.

The recent cyberattack on the Los Angeles Times, which delayed the publication of The Los Angeles Times, The Chicago Tribune, The Baltimore Sun and other Tribune Publishing titles, is a prominent example. In addition, in May 2018, a series of distributed denial of service (DDoS) attacks targeting the Netherlands also caused the online banking operations of three major financial institutions in the country to be severely affected and temporarily shut down.

Because of the dark web, cybercriminals have easier access to the tools available to them, crime is easier to commit, and the line between legitimate e-commerce and illicit trade is blurring. In February 2018, Dutch police arrested an 18-year-old man suspected of launching DDoS attacks against several Dutch businesses, including technology website Tweakers and Internet service provider Tweak. The investigation revealed that the man rented the Mirai variant IoT botnet through a market in the dark net to prove that "a teenager can make all banks collapse instantly with a few clicks"-unfortunately, it turned out that he did!

Changes in the social environment catalyse more serious cyber threats

In fact, today's social environment has become more fragile. The World Economic Forum (WEF) said business leaders in advanced economies believe cyberattacks have become the No. 1 threat to them, even more serious than terrorist attacks (No. 2), asset bubbles (No. 3), a new financial crisis (No. 4) or failure to adapt to climate change (No. 5).

This conclusion is not surprising, because as businesses become more reliant on technology, the business risks associated with cybercrime begin to grow. In addition, the increasing popularity of smart devices has opened up a series of new attack portals for cybercriminals to launch attacks through large-scale botnets. According to reports, by 2025, the number of smart devices worldwide is expected to exceed 75 billion, more than 10 times the total global population. At the same time, geopolitical competition has prompted a series of larger and more sophisticated cyberattacks by state-sponsored cyberspy groups. In particular, large organizations need to consider a variety of cyber threats-including business disruption, theft and extortion, reputational damage, economic espionage, and infiltration of critical infrastructure and services. The combination of changing threat landscape and highly complex adversaries makes cyber risk increasingly difficult to manage.

Insufficient cybersecurity resources

Enterprise awareness of the risks of cyberattacks is growing, and more and more organizations are struggling with cyberrisk management. However, as highlighted by the World Economic Forum (WEF), cybersecurity remains under-resourced compared to the sheer scale of cyberthreats.

It is estimated that cybercriminals earn $1.5 trillion a year-a staggering figure equivalent to Russia's gross domestic product and five times the estimated $300 billion in costs caused by natural disasters in 2017. Some studies predict that a single cloud provider collapse could cause economic losses of $50 billion to $120 billion--equivalent to the "financial carnage" caused by hurricanes sandy ($10 billion to $20 billion) and katrina ($113.4 billion).

Network problems cause business value to shrink

Cyber attacks can wreak havoc on businesses, and the obvious financial and legal impacts are only symptoms and prelude. In September 2017, Equifax leaked the personal privacy information of more than 145 million U.S. citizens, becoming the largest and most influential data security incident in U.S. history, which also caused Equifax's stock to fall by more than 31% and the company's capital market value to evaporate by 5 billion U.S. dollars. In addition, Verizon cut its bid by $350 million, or about 7 percent of its original price, after Yahoo disclosed two massive leaks. The leak almost killed the deal, which ultimately forced Yahoo to pay $35 million to settle "fraud charges" brought by the Securities and Exchange Commission, another $80 million to settle lawsuits from angry shareholders, and two years of free credit monitoring for about 200 million users in the U.S. and Israel.

By November 30,2018, Marriott International issued a statement saying that a room reservation database of its Starwood hotels had been hacked and 500 million user information had been leaked. The information on about 327 million of these guests includes a combination of name, mailing address, phone number, email address, passport number, SPG club account information, date of birth, gender, arrival and departure information, booking date and communication preferences. After the announcement, Marriott International's U.S. stocks fell more than 5% at one point. Marriott also promised to pay customers, but at $110 per passport, it would have to pay $36 billion, which is already equivalent to the company's entire market value.

New risks are on the rise.

Other factors also influence the consequences of cybercrime. For example, companies are more leveraged than they were a few years ago. Since 2010, the debt-to-equity ratio of S & P 1500 companies has almost doubled. As a result, according to the World Economic Forum, their stability is even threatened by cybercrime scams.

In response to this threat, regulatory frameworks are being tightened around the world-currently seen in the European Union's General Data Protection Regulation (GDPR) and new SEC directives in the US. Authorities want all organisations to be prepared for threats to minimize risk and increase transparency in the event of a cyberattack.

Businesses need to focus on their ability to adapt to cyber events, with an emphasis on prevention and response. Research shows that only about half (52%) of organizations have a Chief Information Security Officer (CISO) position, and only 44% say their company board is actively involved in their overall security strategy. In today's digital age, this ratio is clearly far from meeting security needs and needs to be rethought and planned.

Since almost every business is digitizing in one way or another, it would be naive to assume that cyberattacks today primarily threaten tech companies. In fact, cybercriminals are looking at a variety of industries, many of which are pre-digital "holdouts," such as hotels, airlines and banks, which are targeted by cybercriminals.

Innovation and growth in the modern enterprise must be balanced against cyber risk and IT stability. More than ever, business leaders must develop strategic plans that pave the way for emerging opportunities while outlining how their company ensures business continuity and addresses complex cyberthreat scenarios in the global digital landscape.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.