As a result, they’re not prepared to protect themselves or their organizations. Indeed, they often exempt themselves from the anti-phishing training their workers do and from security protocols such as multifactor authentication that cover the rest of the organization.
“They say, ‘We do the employee training and send them the phishing emails every month to see who’s clicking on those, but me, as a senior leader, I’ll just skip that,’” Sachs said.
Cybercrime Is the World’s Third-Largest Economy
Cybercrime is expected to be a $7.9 trillion industry in 2023. If it were an economy, it would be the world’s third-largest, behind only the United States and China, according to data gathered by Cyber Nation Central, which advises boards and C-suite executives on cybersecurity readiness.
Cetnarski argued that the typical U.S. organization has a “probability-adjusted” risk of incurring a $1.8 million hit to its bottom line over the next year, explaining that the average breach cost in the United States will hit $9.85 million this year, according to IBM, and that an organization’s chance of being breached is 37.5 percent over the next two years.
EXPLORE: How historical trends can improve the cyber risk assessment processes.