Global cybercrime to cost firms $6 trillion

KAMPALA. Public and private institutions around the world are projected to incur $6 trillion by 2021 in curbing cyber threats.
This is contained in a 2017 report by Cyber security ventures.
Speaking during a workshop organised by Sai Pali Institute of Technology and Management and Nemko in Kampala on Tuesday, Mr Ajay Sinha, the president of Grand Global Limited, a liability company in the United States of America, said the report explained dimensions through which most cybercrimes end up.
It indicated ransomware, destructive, cyberwarfare and espionage as the prevalent avenues of cyber threats globally, which will cost $6 trillion by 2021, up from $3 trillion in 2015.
Noting that Uganda has not yet seen many cases of cyber-attacks, Mr Sinha said mobile threats are most likely owing to ignorance in cybercrimes while corporate espionage, aimed at stealing information from companies in existence in order to beat the competition.
“Mobile threats could be the biggest cybercrimes in Uganda because many people use their phones without cyber security because they do not know about it plus company’s data, trying to steal information.
“When a company is young, the only way to get ahead in the game is to steal data from another company. It may come from within Uganda or outside Uganda trying to help a company with interest in Uganda,” he said.
He encouraged companies to invest in being proactive through training employees to be more technologically skilled because the end user tends to be the weakest link used to infiltrate a company.
He also advised companies to engage an information security management system as a proactive move towards the fight against cybercrimes.
The standard ISO 27001 is a ten clause requirement that is inclusive of all employees with emphasis on top management geared toward managing, monitoring risk assessment and auditing to determine the best information security management system.

Call to top managers
Mr Morten Celius, the lead auditor at Nemko in Norway urged top management to be more involved in the security of their companies because it is a very crucial segment of their business which the Information security management system (ISMS) makes easier by integrating different management systems.
“Top management should demonstrate leadership and commitment. If there is no management committee, it is difficult to operate a good information system,” he said.
He also said a good ISMS guarantees protection of people, reputation, clients and brand, propelling a competitive advantage for the company.
Legal and contract compliance is also enforced since the ISMS takes into consideration all laws that are pertinent in the security of the company.