Think investing in security is pricey? The cost of breaches is worse

Image credit: Ilkin Zeferli /

Just in case anyone thought that the world was not taking security seriously enough, Juniper Research has predicted that spending on cyber security will be a $134 billion a year market by 2022. This figure, to be fair, is not just on one aspect of security, but covers ‘digital transformation’ as a whole. This includes the IoT in all its various forms, as well as financial services, mobile operators and enterprises.

While $134 billion is an eye watering amount of money in (almost) anyone’s book, it should be weighed against the potential cost of cyberattacks. Juniper calculates that the cumulative cost of data breaches runs over $8 trillion. If that seems high, remember that Maersk believed that the NotPetya attack on its organization cost the company between $200 and 300 million. And that’s just one company.

Even though Maersk was able to survive the attack that was designed for a state (Ukraine) by reverting to manual processes and replacing and rebuilding thousands of servers and PCs in a matter of days, Maersk chairman Jim Hagemann Snabe is not optimistic about the future.

Talking at the Word Economic Forum in 2017, he warned that “in the near future, as automation creates near-total reliance on digital systems, human effort won’t be able to help such crises.”

He also noted that the internet was not designed to support the applications that now rely on it, and said, “There is a need for a radical improvement of infrastructure.”

The good news is that the security threat isn’t being ignored. Obviously companies (70% of them mid-sized organizations) are prepared to throw money at the problem.

The bad news is that the attacks will only increase in severity and sophistication. This is particularly true as governments increasingly fund the development and deployment of cyber tools to paralyze other enemy (or or at least friendly but irritating) states.

As usual, the attacks will target vulnerabilities. And these vulnerabilities will, inevitably, come from companies whose first concern is not security. Companies that make kettles make kettles, companies that make cars, even connected ones with 150 million lines of code in them, make cars. And people who are looking for those vulnerabilities will look there first.

Let us hope that this massive (33% a year) increase in security spending will be enough to keep the threat to manageable levels (although damage costs in the trillions hardly seems ‘manageable’).

The other thought, of course, is that cyber security may be the career path of choice, if you are worried about all those jobs that AI will be taking. Or it may be an application tailor-made for AI itself.

Be the first to comment

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.