Enter your email below to receive weekly updates from the Ashton College blog straight to your inbox.
It is estimated that cybercrime caused global financial losses of nearly $1 trillion over in 2020, representing an increase of 50% from 2018. There is no doubt that the number of cybercrime incidents will continue to rise and any individual or business that uses the internet can be a target. However, some industries are more frequently targeted than others and therefore have a constant need for skilled security professionals to help lower the threat.
Verizon conducted a comprehensive analysis of over 40,000 cybercrime incidents in 2020. Some of the most critical findings in their Data Breach Investigations Report included insights into who is most likely to be targeted by cybercrime and how.
Unsurprisingly, financial organizations are a prime target for cybercriminals with around 24% of all breaches being targeted towards them. These organizations have a lot of personal information, including social insurance numbers that can be used to commit fraud. Malicious attackers may also be able to gain fraudulent access to credit cards and other financial services by compromising a company within this industry.
Healthcare organizations are some of the most data-rich organizations in the world and they account for approximately 15% of all breaches. Hackers can use patient data to bribe an organization and the data can also be sold on to third parties easily.
A further 12% of breaches are within the public sector because they look after sensitive data. Though, some breaches are also related to hacktivism, which is a problem that is steadily on the rise. Although over 70% of cyber-attacks are financially motivated, not all hackers are looking for a payout. Hacktivists may be motivated to reveal classified information or block public access to a site to protest or affect change.
Retail and Accommodation Sector
The retail and accommodation sector together account for another 15% of breaches. Retailers for their abundance of personal and financial information, such as stored credit
card details. The accommodation sector also handles a lot of personal information that can be used for identity fraud.
The cyber-attacks you see hitting the headlines are those that have successfully targeted large and prominent businesses, such as Netflix, JP Morgan, and Target, but more than 70% of attacks are targeted towards small businesses.
Small and medium-sized businesses are particularly at risk as they typically have lower levels of security and hackers know that they can take advantage of this. Staggeringly, almost 50% of all small businesses have already experienced a cyber-attack, with an average loss of around $180,000 USD.
Small businesses are often lulled into a false sense of security by assuming they are too small or unimportant for cybercriminals to bother with. Unfortunately, that is not the case and as much as 60% of small and medium businesses that are attacked have gone out of business within six months, simply from being unprepared.
The most common technique used for cyber-attacks is hacking, accounting for 62% of all breaches. And 81% of these hacking-related attacks took advantage of either stolen or weak passwords.
Malware is also commonly used with over half of all breaches involving spyware and ransomware or malicious software such as a virus, worm or trojan horse.
Social engineering attacks also account for around 43% of breaches in which cybercriminals exploit human error by manipulating data out of individuals or employees through baiting, phishing, and tailgating. Therefore, security professionals must ensure that all employees within a company receive at least some sort of basic cybersecurity training.
With the increasing frequency and severity of attacks, cybersecurity professionals are in high demand. Formal training is available that can help you transition into the security industry to take advantage of this high demand.
With the help of TechnoEdge Learning, your Security+ Certification can be achieved in just 40 hours of online studying. The course provides all the foundational knowledge
needed for a career in cybersecurity and is a solid baseline certification in the profession. By completing CompTIA Security+ Training, IT professionals can build their core security skills and compete for more intermediate cybersecurity roles. Those wishing to get ahead in cybersecurity can then go on to complete a CompTIA CySA+ certification.
The CompTIA CySA+ training course is an analytics-based solution that IT professionals can use to evade hackers who are able to penetrate traditional security methods such as firewalls. This online course offers valuable knowledge and practical experience within areas of threat and vulnerability management, cyber incident response, and the security architecture and tools needed to prevent attacks.
With CompTIA Network+ Training, you will be better equipped to protect organizations through data analysis and identifying areas of risk. The training equips you with the skills to deliver practical solutions to help prevent future attacks.
Through cybersecurity education, you can make yourself more employable and help to prevent cybercrime from happening in your place of work.
The information contained in this post is considered to be true and accurate as of the date of publication. However, the accuracy of this information may be impacted by changes in circumstances that occur after the time of publication. Ashton College assumes no liability for any error or omissions in the information contained in this post or any other post in our blog.