Margot Carmichael Lester

by Margot Carmichael Lester

Mimecast Contributing Writer

Posted Aug 29, 2017

Key Data on Why Cybersecurity is Everyone’s Business

Cybersecurity is an emotional issue even for the toughest business executive – so much so that the fear of getting hacked may not be enough to override the fear of borrowing trouble.

It can be easier to think, “This won’t happen to us”. But it probably will.

“There are so many threat actors and so many vulnerabilities that relatively few leaders are willing to stick their heads out for fear that they’ll be chopped off if and when a breach happens,” surmises Scott Shackelford, cybersecurity program chair at IU-Bloomington. And as long as the threats remain abstract, as long as the attacks keep happening to someone else, it’s easy for executives to keep cybersecurity sequestered in the IT department.

Data can focus your executives’ attention on why and how to educate your entire organization on data security protection. Let’s start with a look at some numbers from the Federal Bureau of Investigation:

  • CEO and executive fraud cost organizations more than $2.3 billion in since 2013. Reported incidents are up 270%.
  • Business Email Compromise (BEC) scams increased 2,370% over a two-year period ending in December 2016. The average loss is $130,000.
  • About 1 in 4 email wire transfer fraud targets actually wire the money.

Beyond the direct financial impact of cybercrime, there’s another layer of costs:

Threat awareness and cybercrime crisis management training is crucial, per the FBI.

In a recent PSA, the Bureau states: “Businesses with an increased awareness and understanding of the BEC/EAC (Email Account Compromise) scam are more likely to recognize when they have been targeted by fraudsters, and are therefore more likely to avoid falling victim and sending fraudulent payments. Businesses that deploy robust internal prevention techniques at all levels (especially for front line employees who may be the recipients of initial phishing attempts) have proven highly successful in recognizing and deflecting BEC/EAC attempts.”

Share this information with the C-suite to establish the true cost – in time and money – of cybercrime. Then you can make the case for creating an organization-wide prevention, awareness and training program for the entire organization.

 

Margot Carmichael Lester

by Margot Carmichael Lester

Mimecast Contributing Writer

Posted Aug 29, 2017

You may also like:

Take 3: Email Security Risk Assessment Program

As promised in my last ESRA update blog,…

As promised in my last ESRA update blog, we are now ready to… Read More >

Matthew Gardiner

by Matthew Gardiner

Senior Product Marketing Manager

Posted Aug 02, 2017

Prioritizing Cyber Resilience Preparedness

Cyber Resilience Preparedness:   Wh…

Cyber Resilience Preparedness:   Why it Needs to be a P… Read More >

Neil Murray

by Neil Murray

CTO and Co-Founder

Posted Aug 07, 2017

How to Get Everyone Involved in Cybersecurity

Security professionals have a saying: “T…

Security professionals have a saying: “The attacker only has… Read More >

Peter  Andersen

by Peter Andersen

Mimecast Contributing Writer

Posted Jun 25, 2017