With remote work arrangements set to stay, we are more vulnerable than ever. McKinsey points to a near-sevenfold increase in spear-phishing attacks since the pandemic began2 with criminals taking advantage of delayed updates to email and web filters to target remote workers.
The cost of these types of attacks and increased vulnerability highlight the need for governments to rapidly accelerate ‘cyber resiliency planning’ — the ability to prevent, respond to and recover from cybercrime — to ensure a strong foundation as we build towards global economic recovery.
The enormous toll of cyber-attacks
Ransomware and other sophisticated cyber-attacks are becoming more prevalent and damaging and chillingly, cybercriminals are increasingly set their sights on essential organisations and critical infrastructure. Just this year we’ve seen attacks on news networks, hospital operators and state education departments
The financial ramifications of cybercrime are enormous and will cost the world $10.5 trillion annually by 20253, exponentially more than the damage from all the natural disasters over the same period. But the damage caused by cyber-attacks stretch far beyond financial costs, with the theft or destruction of personal data and intellectual property, as well as reputational harm.
Over 100 governments have already developed national cybersecurity strategies to protect their citizens, businesses, and critical infrastructure against these risks.4 Australia is currently seeking to pass The Security Legislation Amendment (Critical Infrastructure) Bill, which will legislate protection for critical infrastructure from cyber security threats.5, and the federal government recently unveiled its Ransomware Action Plan. As global locations look ahead to a tech-driven economic recovery, governments that focus their investments and efforts in the right places will be in a better position to prevent cyberattacks and mitigate their damage through a robust digital infrastructure.
Beyond protection: cyber resilience drives economic growth
Cyber security is much more than an insurance policy against attacks. Cyber resilience, if implemented effectively, can help turbocharge long-term economic prosperity and innovation.
Cybersecurity markets across the world are already showing strong growth, and driving the creation of quality jobs for now and the future, underlining their importance at the heart of new economic eco systems:
- The Australian cyber security sector was valued at approximately $5.6 billion in 2020 and is set to increase to $7.6 billion by 20241.
- The APAC cybersecurity market was valued at $30.45 billion in 2019 and is expected to register a CAGR of 18.3% until 20252 (Source: Mordor Intelligence)
Digital transformation, crucial to accelerating economic recovery, requires a resilient cyber foundation to ensure security and trust. IDC predicts that 65 per cent of global GDP will be
digitalised by 2022, driving over $6.8 trillion of direct digital transformation investments from 2020 to 2023. 8 New technologies — AI, Big Data, cloud, and edge computing — are revolutionising the economy but security concerns risk slowing their adoption. According to Oxford Economics, these concerns mean companies may hesitate to start digital projects, thus
stifling their innovation potential.
Public investment to unleash cyber resilience’s potential
Recovery plans already adopted by governments recognise the magnitude of the challenge ahead. The Australian Government in the 2021/2022 Budget announced a $1.67 billion Cyber Security Strategy to improve cyber resiliency across the nation4.
Additionally, the Australian Government’s Defence Science and Technology Group is partnering with tertiary institutions such as the University of Adelaide, to research into incorporating emerging technologies such as artificial intelligence and machine learning, into cyber security applications5.
More than funding, securing business and public service infrastructure for the long term requires a different approach. Governments must shift focus from simple cybersecurity towards the adoption of risk-based cyber resilience strategies. As Jim Shook, Director of Compliance Practice (Dell Technologies) underlined at our recent flagship event, Dell Tech World 20216, cyber resilience is “a high level, holistic strategy that incorporates cybersecurity standards and guidelines and best practices across the organisation.” This approach allows for the construction of a safe, free, and fair digital space — one that protects public administrations, critical infrastructure, academic institutions, and citizens.
In addition to funding, governments are now well positioned to guide the private sector towards implementing a risk-based approach to security. For example, encouraging Cloud adoption blended with traditional data centres can help improve response to cyber-attacks by providing real-time visibility across networks, thus increasing business continuity.
We are undoubtedly at a crucial juncture in recovery planning, with the opportunity to lay robust digital foundations and empower a new wave of tech-driven infrastructure to thrive and survive for the years ahead. The pace and scale of cyberattacks even in the last twelve months is a warning that a digitally transformed economy and society can only be sustainable with cyber resiliency at its very foundation.
In the time it took to read this article, an estimated 30 cyber-attacks have taken place — each with the potential to damage national infrastructures, organisations, erode citizens’ trust and undermine the prospect of digital transformation. Reducing the economic and societal impact of cyber-attacks while driving growth and innovation, cyber resiliency is imperative to a sound and future-proof economic recovery.