Researchers from Lero, at the Science Foundation Ireland Research Centre for Software at the University of Limerick, have called for improved databases to better allow enterprises and insurers to counter cybercrime, which cost the global economy nearly $1tn in 2020.
In their latest academic paper, published in the Geneva Papers on Risk and Insurance, the Lero team has called for reporting of cybercrime to be made mandatory in all jurisdictions, with lead author Frank Cremer saying there is a also growing necessity for better cyber information sources, standardised databases and public awareness.
"Mandatory reporting of cyber incidents could help improve cyber understanding, awareness and loss prevention among companies and insurers," said Cemer, who also conducted the research in collaboration with the Institute of Insurance Science, TH Köln in Germany.
"Through greater availability of data, cyber risks can be better understood, enabling researchers to conduct more in-depth research into these risks."
Leo researcher Dr Barry Sheehan said most enterprises do not fully appreciate their vulnerability to cybercrimes and threats.
"Companies could incorporate this greater understanding of their exposure to cyber risk into their corporate culture to bolster cyber defences," he said.
"For insurance companies, this would have the advantage that all insurers would have the same understanding of cyber risks, which would support sustainable risk-based pricing. In addition, common definitions of cyber risks could be derived from new data."
Lero's Prof Martin Mullins said cybercrime increased 50% between 2018 and 2022, with the average insurance claim for cybercrime increasing from $145,000 to $359,000 in 2020.
"Because of the lack of publicly available datasets, the criminals have the advantage. The datasets we want to see developed can help companies address cybersecurity as part of risk management and better assess their internal cyber posture and mitigation measures," Prof Mullins added.
The call comes following a number of highly publicised cyber attacks, including the ransomware attack on the HSE last year; the recall of 1.4m vehicles and costs of €761m to car manufacturers following a Miller and Valasek-initiated cyber attack, and the NotPetya malware attack, originating in Russia, that cost at least $10bn to the global economy.
Zero Day Con
Ireland's biggest cybersecurity event, Zero Day Con, takes place at the Convention Centre Dublin today (10 March), with attendees to be told that cyber attacks have increased by a quarter in the past fortnight.
The event, hosted by Irish security service provider Smarttech247, will hear from keynote speaker Special Agent Laukik Suthar of the US NCIS, Garda Detective Chief Superintendent Pat Lordan and representatives from Microsoft, IBM, the Irish Prison Service and Getvisibility.
Topics of discussion at the event, taking place in-person for the first time since 2020, will include cyber warfare, the power of collective intelligence in cybersecurity, and securing critical infrastructure and the rise of national security threats.
"Business and industry needs to be extremely vigilant right now," Raluca Saceanu, COO of Smarttech 247, said.
The surge in activity has been detected around the world but Ukraine is seeing a particularly serious wave of cyber threats, especially increased phishing attacks, where hackers use sophisticated methods to convince people to click on a link.
"There is no room for complacency right now and tackling the problem requires focused monitoring and vigilance."
(Pic: Getty Images/Getty Images)