Changing Consumer Behaviour and Technological Advances : Global Commerce Challenges

Part
01
of two
Part
01

Cyber Threats and Cyber Crime - Effects on Retailers

The average cost of a data breach ranges from $3.86 million to $350 million in case of mega breaches. It takes 365 days for companies to detect and contain a mega breach. US companies have the highest cost per breach at $7.91 million.

CYBER-ATTACKS AND COST OF CYBERCRIME PREVENTION- GREAT BRITAIN

  • The British Retail Consortium reports that the expenditure on cybercrime prevention amongst its members has risen by 17%, from £139 million in 2018 to £162 million.
  • The BRC states that 80% of the surveyed retailers had experienced an increase in cyber attacks. The members of BRC control 11,000 stores and have £103 billion collective turn-over.
FREQUENCY AND COST OF RANSOMWARE- GLOBAL
  • Herjavec Group report states that a business fell victim to a ransomware attack every 40 seconds in 2016. In 2019, this is predicted to happen every 14 seconds while in 2021 it will go down to every 11 seconds.
  • Rod Rosenstein, the Deputy Attorney General, stated that ransomware attacks are focusing particularly on businesses, with the total amount of ransom payments nearing $1 billion annually.
  • Cybersecurity Ventures states that cybercrime is the biggest threat to every company in the world. They predict that the cybercrime will cost $6 trillion by 2021.
  • Cybersecurity Ventures also estimates that global spending on cybersecurity products will exceed $1 trillion in the period of 2017-2021.
COST OF DATA BREACHES-GLOBAL
  • An IBM study estimated that the global average cost of a data breach for businesses was $3.86 million in 2018; mega breaches cost businesses $40 million for 1 million records lost; while at 50 million records lost, this sum rises to $350 million per breach.
  • The IBM study estimated that it takes 365 days on average for companies to detect and contain a mega breach.
  • US companies have the highest average cost for a breach, at $7.91 million; Middle Eastern companies hold the second place at $5.31 million per breach; the lowest cost per breach was $1.24 million for companies situated in Brazil.
FULL PDF FILES OF IBM AND CYBERSECURITY REPORTS:
  • The full IBM Cost of Data Breach report can be found here.
  • The full Cybersecurity Ventures report can be found here.
Part
02
of two
Part
02

Cyber Threats and Cyber Crime - Effects on Financial Institutions

Among financial institutions, banks account for the most number of attacks (91%), followed by insurance companies (7%). According to the Ponemon estimates, U.S. financial firms have suffered a loss of around US$38 billion due to data breach in the period from 2015 to 2018.

Cyber Threats and Cyber Crime — Effects on Financial Institutions:

Proportion of Attacks on Financial Institutions:

  • Among financial institutions, banks account for the most number of attacks (91%), followed by insurance companies (7%).
  • Among banks, the main business lines targeted are retail banking activities (39%) and credit cards services (25%).
  • 8.5% of the total data breaches in 2018 involved the financial sector, including entities such as banks, credit card companies, credit unions, financial services, investment firms and trust companies, mortgage and loan brokers, payday lenders and pension funds.
  • Financial services firms are hit by security incidents about 300 times more frequently than any other businesses.
  • According to the Identity Theft Resource Center® (ITRC), 56% of financial institutions witnessed an increase in the number of DDoS attacks and 60% mentioned that the attacks are larger in 2018 as compared to 2017.
  • According to the Accenture’s 2018 State of Cyber Resilience report, financial services businesses stopped about 81% of attacks and only 19% of cyber attacks succeeded in 2018.
  • According to IBM, the financial sector was attacked 65% more often as compared to any other sector in 2016.

Impact of Cyber Attacks on Financial Institutions in Terms of US$:

  • According to a report published by Lloyd’s, a disruption of the top cloud provider in the U.S. would result in a loss of US$ 450 million for the financial sector.
  • According to the IMF, cyber-attacks on Fintech firms such as online exchanges allowing the trading of Bitcoins and providing wallet services have resulted in losses upto US$ 1,450 million in the period from 2013 to 2018.
  • According to the Ponemon estimates, U.S. financial firms have suffered a loss of around US$38 billion due to data breach in the period from 2015 to 2018.
  • The average cost to U.S. financial industry per record lost or stolen in a breach was $336.
  • A malware attack would cost around $825,000 on average to a financial business to resolve.
  • A DDoS attack, specifically targeted towards online banking services, would cost around $1,800,000 on average to a financial business to resolve.

Research Strategy:

Research Strategy:

We started the research with directly searching for quantitative and statistical insights that describe how the risks of cyber-threat and cyber-crime are affecting financial institutions through industry reports, market studies and research papers published by credible sources. We came across numerous reports by the International Monetary Fund (IMF), the Identity Theft Resource Center® (ITRC), Accenture and The Institute of International Finance. We have only included quantitative and statistical insights published by the above mentioned credible sources.
We have summarized the insights in the findings section.

Sources
Sources

From Part 02
Quotes
  • "The framework is applied in this paper to the available cross-country data and yields llustrative aggregated losses for the financial sector in the sample across a variety of scenarios ranging from 10 to 30 percent of net income."
  • "Among financial institutions, banks account for the bulk of the attacks (91 percent of the attacks), followed by insurance companies (7 percent). Among banks, retail banking activities (39 percent of the total) and credit cards services (25 percent) were the main business lines targeted."
  • "A recent report by Lloyd’s estimates that a disruption of the top cloud provider in the U.S. for 3 to 6 days could lead to losses of around USD 24 billion (Lloyd’s (2018)), with most losses occurring in the manufacturing and trade sectors, while losses for the financial sector would be limited to USD 450 Mn."
  • "In the dataset, cyber-related fraud accounts for 90 percent of reported losses."
  • "Cyber-attacks on Fintech firms (mainly online exchanges allowing the trading of Bitcoins and providing wallet services) have resulted in at least USD 1,450 Million in losses due to fraud since 2013"
  • "Applying the Ponemon estimates, losses due to data breach over the last three years would be around $38 billion for U.S. financial firms alone."
Quotes
  • "Data breaches are an ever-increasing threat to every industry, with the number of U.S. data breach incidents tracked in 2017 hitting a new record high of 1,579 breaches."
  • "Of the data breaches reported last year, 8.5 percent involved the financial sector, including entities such as banks, credit unions, credit card companies, mortgage and loan brokers, financial services, investment firms and trust companies, payday lenders and pension funds"
  • "In fact, financial services firms are reportedly hit by security incidents a staggering 300 times more frequently than businesses in other industries"
  • "A recent study discovered that 56 percent of financial institutions saw an uptick in the number of DDoS attacks waged against them in the previous year, and 60 percent said that attacks are larger than they were a year ago."
  • "While the average cost to U.S. businesses per record lost or stolen in a breach was $225 across all industries, the cost for businesses in the financial industry was $336"
  • "For example, a malware attack cost a financial business around $825,000 on average to resolve. However, when a financial company faces a DDoS attack, which specifically targets their online banking services, the business costs skyrocket to an average of around $1.8 million"
Quotes
  • "Accenture’s 2018 State of Cyber Resilience report finds Financial Services businesses stopped 81 percent of attacks in 2018, compared with 66 percent in 2017. This means only 19 percent of cyber attacks succeeded this year."
Quotes
  • "According to IBM, the financial sector in 2016 was attacked 65% more often than any other sector, resulting in more than 200 million records being breached, a 937% increase over 2015 when just under 20 million were breached."