CYBER CRIME BY THE NUMBERS

SCALE

VULNERABILITYExposure is only increasing as business processes evolve to become

more mobile, accessible, and agile.

Malware, ransomware, data breaches, and phishing are top of mind for most companies. As users, devices, applications, and data continue to move outside of the traditional enterprise perimeter and zone of control, attack surfaces will only expand. So, what are the realities of falling prey to a cyber attack?

1. 2017 Ponemon Institute Data Protection Risks & Regulations in the Global Economy Study, http://www.experian.com/assets/data-breach/white-papers/2017-experian-global-risks-and-regulations-study.PDF

2. https://blog.cloudmark.com/2016/01/13/survey-spear-phishing-a-top-security-concern-to-enterprises/ 3. https://www.av-test.org/en/statistics/malware/ 4. http://www.csoonline.com/article/3077434/security/93-of-phishing-emails-are-now-ransomware.html5. Gemalto Breach Level Impact Report,

http://breachlevelindex.com/assets/Breach-Level-Index-Report-H1-2017-Gemalto.pdf6. 2016 Enterprise Phishing Susceptibility and Resiliency Report,

https://phishme.com/2016-enterprise-phishing-susceptibility-report/7. https://www.cyberthreatalliance.org/cta_analysis/cyber-threat-alliance-uncovers-cryptowall-version-4/

8. 2017 Ponemon Institute Cost of a Data Breach Study, http://info.resilientsystems.com/hubfs/IBM_Resilient_Branded_Content/White_Papers/2017_Global_CODB_Report_Final.pdf

9. Infocyte: The Breach Detection Dap and Strategies to Close It, https://www.infocyte.com/breach-detection-gap-conf

10. IDC InfoBrief, Sponsored by Akamai, Remote Access and Security, September 2017

11. Arxan: 2017 Study on Mobile and Internet of Things Application Security, https://www.arxan.com/2017-Ponemon-Mobile-Iot-Study

12. IDC InfoBrief, Sponsored by Akamai, Remote Access and Security, September 2017

13. CBS Money, https://www.cbsnews.com/news/byod-alert-confidential-data-on-personal-devices14. Cybersecurity Ventures: 2016 Cybercrime Report,

http://cybersecurityventures.com/hackerpocalypse-cybercrime-report-201615. https://www.technologyreview.com/s/425770/the-criminal-cloud16. https://heimdalsecurity.com/blog/10-surprising-cyber-security-facts-that-may-affect-your-online-safety17. Ponemon Institute, The Economic Impact of Advanced Persistent Threats

18. MMC Cyber Handbook 2016, http://www.mmc.com/content/dam/mmc-web/Global-Risk-Center/Files/MMC-Cyber-Handbook_2016-web-final.pdf

19. McAfee Net Losses: Estimating the Global Cost of Cybercrime, https://csis-prod.s3.amazonaws.com/s3fs-public/legacy_files/files/attachments/140609_rp_economic_impact_cybercrime_report.pdf

20. SANS Institute: IT Security Spending Trends, https://www.sans.org/reading-room/whitepapers/analyst/security-spending-trends-36697

21. ISACA 2015 Global Cybersecurity Status Report, http://www.isaca.org/cyber/Documents/2015-Global-Cybersecurity-Status-Report-Data-Sheet_mkt_Eng_0115.pdf

22. MMC Cyber Handbook 2016, http://www.mmc.com/content/dam/mmc-web/Global-Risk-Center/Files/MMC-Cyber-Handbook_2016-web-final.pdf

The rate of evolution and volume of complex targeted threats continue to increase.

Despite this, only 38% of global organizations feel prepared for a sophisticated cyber attack, 21 and 25% of companies don’t even treat cyber threats as significant corporate risks. 22

The growing prevalence of mobile, cloud, hybrid WANs, direct Internet access, and IoT is only going to exacerbate this problem.

Existing security point solutions and applications are often reactive, inconsistent, and ineffective.

Companies must pivot from the common security mantra of “trust but verify” to “verify and never trust” in the new threat landscape.

The consequences of not proactively preparing for a targeted attack are enormous.

READ “5 MUST-ASK DNS QUESTIONS” AND VISIT AKAMAI.COM/ETP TO LEARN MORE.

As the world’s largest and most trusted cloud delivery platform, Akamai makes it easier for its customers to provide the best and most secure digital experiences on any device, anytime, anywhere. Akamai’s massively distributed platform is unparalleled in scale with more than 200,000 servers across 130 countries, giving customers superior performance and threat protection. Akamai’s portfolio of web and mobile performance, cloud security, enterprise access, and video delivery solutions are supported by exceptional customer service and 24/7 monitoring. To learn why the top financial institutions, online retail leaders, media and entertainment providers, and government organizations trust Akamai, please visit www.akamai.com, blogs.akamai.com, or @Akamai on Twitter. You can find our global contact information at www.akamai.com/locations. Published 01/18.

51%

93%91%

1.9BILLION

84% 250,000of organizations have had a global data breach in the

past five years. Of these, 56% say they had multiple

breaches.1

The threat landscape is becoming increasingly hostile, and the days of generic threats are over.

of cyber attacks and the resulting data breach begin

with a phishing attack.6

More than 250,000 new malicious programs are

registered every day.3

data records were leaked or stolen during just the first half of 2017, well surpassing a total

of 1.37 billion in all of 2016.5of phishing emails are

related to ransomware.4

CryptoWall version 4, a notorious ransomware virus, has so far resulted in $18 million in damages, 36,000+ confirmed victims, and 7.1 million attempted infections.7

of enterprises have suffered phishing attacks.2

$1.68

68%

$6 TRILLION

$18 MILLION

68%Global cost of cyber crime is predicted to hit $6 trillion

annually by 2021.14

of funds lost as a result of a cyber attack were

declared unrecoverable.16

of corporations have not considered the financial

impact of a cyber attack.18

Most organizations fold their security budgets and spending into another cost center, whether IT (48%), general operations (19%), or compliance (4%), where security budget and cost line items are combined with other related factors. Only 23% track security budgets and costs as its own cost center.20

191 DAYS

IoT

80%MOBILE APPS

71%40.8%

19% >40% Mean time to identify a

data breach is 191 days.8

of companies have 21–40% remote employees. 25.7%

have more than 40% remote employees.12

80% of IoT and 71% of mobile applications are not tested for security vulnerabilities.11

of breaches originate with authorized users accessing

unauthorized systems.10of data breaches are

self-detected.9

COST

The Internet economy annually generates

between $2 trillion and $3 trillion. It’s estimated that cyber crime extracts between 15% and 20%

of that value.19

Average cost of an APT data breach is $18 million;

50% is damage to brand reputation.17

The estimated cost of using existing cloud offerings to break into most Wi-Fi

networks is $1.68. It would take six minutes.15

SUMMARY

SOURCES

SOLUTION

Companies need real-time visibility

into the threats that could impact their

network.

Once a threat is identified, companies need a simple,

fast, and convenient method of mitigating

these attacks.

Companies must adopt a zero trust security model

to be successful in today’s ultra-competitive and

hyper-connected world.

More than 67% of employees use their own devices at work.13

As financial incentives for cyber criminals continue to climb, they will be increasingly patient, targeted, and persistent in their attacks.