Cybercrime has always enjoyed excellent health and the pandemic has done nothing but shift the balance of the digital struggle between good and evil even more in favor of attackers. If the latter had to worry almost exclusively about who, how and when to attack using the emergency context, the defenders had to rethink perimeters, countermeasures, organizations and paradigms in a very short time. The result? Yet another record year of cybercrime.
Between malware, ransomware and phishing, cybercriminals have had easy game in exploiting the digital cracks of companies struggling with the need to reorganize, the boom of remote work and the rationalization of budgets. The 2020, not surprisingly, signals the 2021 report on Clusit elaborated by the Italian Association for Information Security, recorded 1,871 serious attacks globally. And don’t forget that we’re only talking about those in the public domain. Digital crime has exploited the situation of collective unease to hit the victims and in some cases also the extreme difficulty experienced by some sectors. Think for example of the healthcare sector, where 55% of Covid 19-themed attacks were perpetrated for the purpose of unscrupulous extortion of money.
The increase in attacks and the scale of offensives have further raised the decibels of the alarm bells, especially in companies. Despite the slowdown in the pace of growth, the Italian cybersecurity market has in fact continued its run also in 2020. According to estimates by theCybersecurity & Data Protection 2021 Observatory developed by the School of Management of the Politecnico di Milano, in the year of the pandemic, the turnover of solutions and services for digital defense grew by 4% per share 1.37 billion euros, however, recording a weaker performance than the double-digit increase of the previous year (+ 11% between 2018 and 2019). In fact, the economic-health emergency has forced companies to review the budgets for the fight against cybercrime: 19% of Italian companies have reduced investments compared to 2019 and at the same time the share of companies that have increased them has dropped since 51% to 40%.
Companies today recognize a greater strategic value to information security. However, the experts of the Digital Innovation Observatories report, there is still one more to be discounted poor organizational maturity. Currently, in fact, only 41% of Italian companies attribute the responsibility for security to a chief information security officer. In 25% of cases, the cybersecurity function is headed by the chief information officer, in 13% by a chief security officer or a security manager, while in the remaining cases it is managed by another company figure (19%), or even there is no specific figure (2%). Another fact that raises more than a few concerns concerns the level of involvement of the board of directors on IT security issues: in 38% of cases no communication to the board is envisaged.
.