According to Cybersecurity Ventures, cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. To put the size of the problem in perspective, cybercrime is more profitable than the global trade of all illegal drugs and ranks globally around the gross domestic product (GDP) of the top 5 economies of the world. In fact, cyberattacks are the fastest growing crime in the U.S. and they are increasing in size, sophistication, and cost. This trend will not slow down anytime soon. Individual bad actors, criminal organizations, and rogue nation-states know that as the number of endpoints and the creation of data grows exponentially around the world, the attack surface grows, and as a result the opportunity for hackers to exploit any weakness in cybersecurity for economic gain.
The costs of cybercrime include:
- Damage and destruction of data
- Stolen money
- Lost productivity
- Theft of Intellectual property
- Theft of personal and financial data
- Post-attack disruption of the normal course of business
- Forensic investigation
- Restoration and deletion of hacked data and systems
- Damage to reputation
Virtualarmour.com reports that “in 2019, governments and companies in the United States faced a barrage of ransomware attacks. In all, 103 federal, state, and municipal government agencies, 759 healthcare providers, and 86 universities, colleges, and school districts were impacted by ransomware attacks.”
Cybersecurity – Defending Against a Clear and Present Danger
As a result of the threat, there is an unprecedented growth in spending to combat cybercrime. Cybersecurity Ventures estimates that spending on cybersecurity will exceed $1 trillion cumulatively for the five years from 2017-2021.
Beyond the investment in hardware and software to defend against cyberattacks is the need for skilled cybersecurity professionals in organizations of all sizes. It is estimated by Palo Alto Networks Research Center that there will be a shortage of 3.5 million unfilled cybersecurity positions by 2021 and that the cybersecurity unemployment rate will remain at zero percent. Harvard Business Review supports this worldview stating that “cybercriminals are becoming increasingly more organized and aggressive while the teams defending against these attacks are struggling to fill their ranks.” IBM, as an example, is addressing the talent shortage by prioritizing “skills, knowledge and a willingness to learn over degrees and the career fields that gave people their initial work experience.” They have recognized that people can pick up “the technical skills through on-the-job training, industry certifications, community college courses and modern vocational and skills education programs.”
For now, the good news for people getting into the field is that scarcity leads to competition and competition for skilled employees leads to increased pay. The Computing Technology Industry Association (CompTIA) estimates that the median annual salary for a Cybersecurity Specialist, based on experience, is:
- Beginner $80,251
- Intermediate $94,379
- Advanced $105,033
Pulling it all Together
The problem of cybercrime is not going away anytime soon. Given the rapid expansion of endpoints around the globe and the exponential growth of data as a result of an ever more digitized society, the attack surface and payout for cybercriminals is too much to resist. Organizations are ramping up their spend to sure-up their defenses, but the biggest issue is the shortage of skilled cybersecurity specialists and technicians to prevent and respond to cyberattacks.