It may not attract the attention of Hollywood like jewel heists or the mob, but neither can hold a candle to cybercrime―at least financially. In a recent study by The Herjavec Group, headed by Canadian entrepreneur and Shark Tank regular Robert Herjavec, cybercrime will pass $6 trillion dollars in the next three (3) years. Yes, $6 trillion. Write 6, then follow it with 12 zeroes—that’s a lot of cybercrime. And because that figure is double what it was just two (2) years ago, it stands to reason that $6 trillion will someday, perhaps as early as 2025, sound like a pittance.
No crime in the United States is growing at a faster rate―not even those associated with illicit drugs. The report estimates that $1 trillion will be spent fighting cybercrime over the next three (3) years. But perhaps the greatest threat to fighting cybercrime doesn’t have to do with money, but the lack of professionals who want to specialize in IT security.
It’s a bird…it’s a plane…no, it’s a cybercrime fighter
Several reports estimate that by 2021 there will be almost 4 million unfilled cybersecurity positions. One (1) reason for the shortage seems fairly intuitive given the precipitous rise in cybercrimes—companies can’t keep up with the demand. As Watergate informant Deep Throat advised to reporters Woodward and Bernstein: “Follow the money.” Yes, cybercrime pays, and pays very well. And the more ill-gotten gains, the more miscreants enter the “profession”.
Part of the security job gap is a skills issue. Many companies don’t want to train IT personnel to become security experts, but want instead to hire somebody who can bring the experience, expertise, certifications and accreditations with them. Combine that hiring philosophy with the super high demand for security professionals and the numbers don’t add up. The trained, experienced IT security pros have already been snatched up. It’s not that hiring IT security professionals isn’t on the rise, it’s that many companies stymie the hiring numbers by looking for experts that have no intentions of leaving their company. Remember, it’s in high demand, which means they’re also making a lot of dough.
Ransomware—cybercrime’s current business model
It’s predicted that a company is hit with a ransomware attack every fourteen (14) seconds (that number jumps to eleven (11) seconds by 2021). And the bad guys are getting better at it. Their shotgun, spray and pray approach has been supplanted by launching more targeted and effective infections. Ransomware is still the king of cybercrime. The FBI estimates that ransom payments hit $1 billion last year, and that total damages due to ransomware―including lost and destroyed data, halted productivity, theft of intellectual property, stolen customer, company and employee data, network outages, lost productivity, etc.―exceeded $5 billion. They believe that figure will hit $20 billion within three (3) years.
Dollars, productivity and copped data aside, there’s another fear that’s been voiced by somebody who knows a thing or two (2) about crime. According to Frank Abagnale, who’s shady, crime-fueled past was the subject of Steven Spielberg’s 2002 film Catch Me If You Can, “Up until now it’s just a financial crime for the purpose of stealing money―or stealing data that is money―but we have the ability now to turn someone’s pacemaker off.”
To find out how to secure your organization’s network, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.