Cybersecurity has become a concern for organizations large and small. Today, we are living in an ultra-connected and highly networked environment where we can clearly witness the huge transfer of data that has become a norm in everyday life. However, this proliferation of the digital age is also bringing risks and new dangers which we did not quite account for, such as cybercrime, cyber theft, cyber espionage, ransomware, etc. While cybercrime is not a new topic, it has gained relevance in recent years given the increased number of attacks and media coverage. To highlight its importance, the World Economic Forum’s 2021 Global Risk Report states clearly that cyber risks are moving up the ranking of the world’s biggest threats. Thus, as a society, we need to investigate the fragile nature of the digital space — and its implications for both major corporations and SMEs.
Cyber attacks do not operate within the same country domains, and neither do they comply with any regulation. Organizations on the other hand have to maneuverer their way through different recognized and accepted regulations such as General Data Protection Regulation (GDPR). These data protection regulations have become increasingly popular and demanded which on the organizations’ side, who struggle to defend and protect themselves from cyberattacks, have created conflicting and costly priorities hindering their defense mechanisms. In this context, policymakers need to weigh in their decisions to establish policies that increase protection but also decrease regulation complexity.
While organizations must establish mechanisms to deal with cyber threats on their own, they also need to think about the protection mechanisms of other parties with whom they cooperate and share data. It is estimated that by 2021 there will be 27.1 billion connected devices facilitated by 5G and the Internet of Things. However, the concentration of the market on only a few technological providers can pose an ideal opportunity for cyber attackers to gain an advantage on the digital supply chain. Given this heavy reliance on IT providers and their series, organizations must assess the threat of exposure and take steps to establish resilience mechanisms that protect them against threats. Collaboration among all parties is needed to ensure the same level of understating of digital assets.
Ultimately, the goal of every government and organization is to catch cybercriminals before they cause harm. However, the likelihood of detection is estimated to be as low as 0.05% in the US. In some countries, this percentage is even lower. Detecting criminal activity is really challenging, even if notorious tactics are used – proving someone did something is a rare case. However, the cybercrime business is a growing business and with the further advancement of technological tools and sophistication of software makes these malicious services more accessible and affordable to anyone who wishes to hire a cybercriminal. Therefore, collaborative and joint efforts are needed between policymakers and organizations to establish internationally accepted regulations in pursuing cyber criminals.
As long as we will have access to the internet and digital tools, cybercrime will persist. We need to adapt and take cautious steps by planning, preparing and educating ourselves and employees to prevent them. Being a global challenge, joint communication is needed between regulators, policymakers and organizations to help succeed in this daily fight.