With the advancements in the IT industry, the world has moved into an era where even nuclear power plants may get affected by the pieces of code that may be written by a teenager. This dimension of modern attacks got spotlighted by StuxNet; a malware that damaged the centrifuges that enriched Uranium in Iran. The StuxNet malware exploited a zero-day vulnerability on Windows computers to infect computers that served as PLCs for automating and managing electro-mechanical equipment such as the centrifuges. This is one great example of how devastating a cyberattack can be. 

Although an attack exploiting a zero-day vulnerability is very rare, different forms of cyber attacks take place around the globe every second. According to the Kaspersky cyberthreat real-time map, South Korea ranked as No.35 most attacked country on 7th February 2023, details of which is illustrated in Figure 1.

Figure 1. Kaspersky cyberthreat map as at 3.03 PM KST on 7th February 2023

As you may have noticed, the number of attacks is quite significant and expected to grow over the coming years. The extent of the damage these attacks can cause vary significantly based on various parameters such as the nature of the attacks, motives and exploited vulnerabilities. A data breach can cost an organization in the form of direct financial impacts, fines, remediation costs and loss of reputation. A report published by the Ponemon Institute and IBM Security, reported that the average global total cost of a data breach is $4.35 million which has risen 14.8% compared to 2015. Moreover, their report highlighted that as much as 83% of global organizations faced at least one data breach (Figure 2). Such data breaches were so difficult to detect and contain, in fact, it took at least 277 days on average for that process.  With rising data security standards across the world, the cost of a data breach is expected to grow over the next couple of years.

Figure 2. Key facts about the cost of data breaches extracted from the report cost of a Data Breach Report 2022 by Ponemon Institute and IBM Security.

The companies across the world have started investing more on cyber security with firms investing a significant portion (21%) of their IT budget on cybersecurity. This trend was observed among technology, financial services and energy sectors as they were the most targeted by the hackers according to Hiscox Cyber Readiness Report 2022. Consequently, the demand for the cybersecurity professionals and cybersecurity related services are expected to grow over the years to come.