Upgrade now or face being overrun by criminals with more advanced tools, RAND report warns businesses
The ever-increasing cost of keeping businesses safe online has been highlighted in a new report which advises companies not to wait too long to upgrade as the costs may be surprisingly high.
A study by RAND and Juniper Networks has warned that the current security tools many businesses have in place will not be able to keep up with the pace of cybercrminal advancement, leaving them open to attack.
Overall, RAND’s model projects that the cost to businesses in managing cybersecurity risk will increase 38 percent over the next 10 years.
RAND’s report, entitled “The Defender’s Dilemma: Charting a Course Toward Cybersecurity”, found that chief information security officers (CISOs) often face a ‘chaotic and confusing landscape’ when trying to find the most efficient and cost-effective way to manage the risks posed by security to their business.
Most troubling, the research indicates that although many companies are spending increasing amounts on cybersecurity tools, most are not confident that these investments are making their infrastructure secure.
As attackers constantly develop workaround to new security technologies like threat intelligence feeds and next-generation detection systems, RAND’s model found that over time the effectiveness of these technologies could fall by an average of 65 percent over 10 years.
Surveying a number of CISOs from large multi-national organisations from Europe, North America and APAC with over $100m in revenue, the report also found that the number of software vulnerabilities that exist or go unpatched are a major issue for many businesses.
If if the frequency of such software vulnerabilities could be reduced by half, the overall cost of cybersecurity to companies would decrease by 25 percent, RAND believes.
“Cybersecurity is one of the biggest economic and national security challenges facing the world, and the UK is no exception,” said Steve Jacques, consulting engineer, security, Juniper Networks.
”As companies invest heavily in innovative connectivity technologies, giving rise to the Internet of Things (IoT), they also need to consider smart security investments to mitigate complex, dynamic cyber threats. According to recent Government research, the average cost of the most severe online security breaches for big business now starts at £1.46 million – up from £600,000 in 2014.
“What’s clear is that in order for organisations to turn the tables on attackers, they need to orient their thinking and investments toward managing risks in addition to threats.”
How well do you know Internet security? Try our quiz!