What is cybersecurity?
It’s what organizations do to protect their own and their customers’
data from malicious attacks.
April 2023
Hot data. The internet isn’t always a safe space. Cyberattacks are on the rise, and there’s no indication that they will stop anytime soon.

As a result of this uptick, everyone is on red alert: consumers are paying more attention to where their data goes; governments are putting regulations in place to protect their populations; and organizations are spending more time, energy, and money to guard their operations against cybercrime.

For organizations, the increasing awareness of cyber risk, by consumers and regulators alike, doesn’t have to spell trouble. In fact, the current climate could present savvy leaders with a significant growth opportunity. McKinsey research indicates that the organizations best positioned to build digital trust are more likely than others to see annual growth of at least 10 percent.

What’s the current state of cybersecurity for consumers, regulators, and organizations? And how can organizations turn the risks into rewards? Read on to learn from McKinsey Insights.

— Phishing involves a bad actor sending a fraudulent message that appears to come from a legitimate source, like a bank or a company, or from somebody with the wrong number. Phishing attacks are made through email, text, or social networks. Typically, the goal is to steal information by installing malware or by cajoling the victim into divulging personal details.

— Man-in-the-middle attacks are incidents in which an attacker comes between two members of a transaction to eavesdrop on personal information. These attacks are particularly common on public Wi-Fi networks, which can be easily hacked.

— Denial-of-service attacks flood systems with traffic to clog up bandwidth so that they can’t fulfill legitimate requests. The goal of this type of attack is to shut down systems.

— Password attacks are mounted by cybercriminals who try to steal passwords by guesswork or trickery.
vulnerabilities to wreak havoc on computer systems. The Internet Crime Complaint Center of the US Federal Bureau of Investigation (FBI) reported a nearly 50 percent increase in suspected internet crime in 2020 from 2019. Reported losses exceeded $4.2 billion.

Which cybersecurity trends are projected over the next three to five years?

Cyber risk isn’t static, and it never goes away. Only by taking a dynamic, forward-looking stance can companies keep up with the state of play and mitigate disruptions in the future. These three major cybersecurity trends may have the biggest implications for organizations:

1. On-demand access to ubiquitous data and information platforms is growing. Recent shifts toward mobile platforms and remote work require high-speed access to ubiquitous, large data sets. This dependency exacerbates the likelihood of a breach. Organizations collect more data than ever about their customers, so such a breach could be especially costly. To store, manage, and protect the data, organizations need new technology platforms.

2. Hackers use AI, machine learning, and other technologies to launch increasingly sophisticated attacks. Gone are the days of the hacker in a hoodie working alone in a room with blackout shades. Today, hacking is a multibillion-dollar industry, complete with institutional hierarchies and R&D budgets. Attackers using advanced tools such as AI, automation, and machine learning will cut the end-to-end life cycle of an attack from weeks to days or even hours. Other technologies and capabilities are making known forms of attacks, such as ransomware and phishing, easier to mount and more common.

3. The growing regulatory landscape and continued gaps in resources, knowledge, and talent mean that organizations must continually evolve and adapt their cybersecurity approach. Many organizations don’t have enough knowledge, talent, and expertise on cybersecurity. The shortfall is growing as regulators increase their monitoring of cybersecurity in corporations.

These are the three cybersecurity trends McKinsey predicts for the next few years. Later in this Explainer, you’ll learn how organizations can stay ahead of the curve.

How are regulators approaching cybersecurity?

As high-profile cyberattacks catapult data security into the international spotlight, policy makers are paying increased attention to how organizations manage the public’s data. In the United States, the federal government and at least 45 states and Puerto Rico have introduced or considered more than 250 bills or resolutions that deal with cybersecurity. In Europe, the General Data Protection Regulation levies fines of up to 4 percent of global turnover against companies that fail to protect their customers’ data.

How can US organizations prepare for new cyber regulations?

Some of the most significant compromises of essential services or information in recent years have involved attacks against large US companies. In 2021, the FBI received the highest number of cybercrime complaints and reported total losses in history: nearly 850,000 complaints, reflecting more than $6.9 billion in losses. New legislation will influence how companies report and disclose cybercrime and how they govern their efforts to fight it.

There are three steps US organizations can take to help prepare for new regulations.

— Readiness. Companies can increase their readiness for cyberattacks by double-checking their ability to detect and identify them and creating clear reporting processes. Existing processes should be tested and refined through simulation exercises.

— Response. Companies can upgrade their response to cyberattacks by improving their ability to identify, contain, eradicate, and recover from them. They can, for example, establish crisis nerve centers, hire outside experts to cross-check their plans, and implement protocols to use alternative support and services during an attack.

How can cybersecurity technology and service providers help?

Cyberattacks are on track to cause $10.5 trillion a year in damage by 2025. That’s a 300 percent increase from 2015 levels. To protect against the onslaught, organizations around the world spent around $150 billion on cybersecurity in 2021, and this sum is growing by 12.4 percent a year. But even that is probably not enough: threat volumes are predicted to rise in coming years.

The gap between the current market and the total addressable market is huge; only 10 percent of the security solutions market has currently been penetrated. The total opportunity is a staggering $1.5 trillion to $2 trillion.

Given current trends, cybersecurity providers can focus on four key areas:

Cloud technologies. For the foreseeable future, migration to the cloud will continue to dominate the technology strategies of many organizations. Providers should therefore be able to protect both general and specialized cloud configurations.

Artificial intelligence. There’s huge potential for innovative AI and machine learning in the cybersecurity space. But operators struggle to trust autonomous intelligent cyberdefense platforms and products. Providers should instead develop AI and machine-learning products that make human analysts more efficient.

Managed services. Demand for full-service offerings is set to rise by as much as 10 percent annually over the next three years. Providers should develop bundled offerings that include hot-button use cases. And they should focus on outcomes, not technology.
What is ransomware? What kind of damage can it do?

Malware that manipulates a victim’s data and holds it for ransom by encrypting it is ransomware. In recent years, it has achieved a new level of sophistication, and demands for payment have rocketed into the tens of millions of dollars. The “smash and grab” operations of the past have morphed into a long game: hackers lurk undetected within their victims’ environments to find the most valuable information and data. And the situation is predicted only to worsen: the market research organization and Cybercrime Magazine publisher Cybersecurity Ventures estimates that the cost of ransomware could reach $265 billion by 2031. Here are some specific costs that companies have faced as a result of ransomware attacks:

— Colonial Pipeline paid a $4.4 million ransom after the company shut down operations.

— Global meat producer JBS paid $11 million.

— Global insurance provider CNA Financial paid a reported $40 million.

— A ransomware attack on US software provider Kaseya targeted its remote computer management tool and endangered up to 2,000 companies around the world.

These figures don’t include costs such as payments to third parties—for instance, law, public-relations, and negotiation firms. Nor do they include the opportunity costs of having executives and specialized teams turn away from their day-to-day roles for weeks or months to deal with an attack or with the resulting lost revenues.

What can organizations do to mitigate future cyberthreats?

Cybersecurity managers ought to consider the following capabilities, which should be adjusted to the unique contexts of individual companies.

the organization’s computer network—are not trusted by default and must prove their trustworthiness. ZTA shifts the focus of cyberdefense away from the static perimeters around physical networks and toward users, assets, and resources, thus mitigating the risk from decentralized data.

— Behavioral analytics. These tools can monitor employee access requests or the health of devices and identify anomalous user behavior or device activity.

— Elastic log monitoring for large data sets. Thanks to advances in big data and the Internet of Things (IoT), data sets are larger than ever. The sheer volume of data that must be monitored makes keeping track of who’s accessing it all the more challenging. Elastic log monitoring allows companies to pull log data from anywhere in the organization into a single location and then to search, analyze, and visualize it in real time.

— Homomorphic encryption. This method allows users to work with encrypted data without first decrypting it, thus giving third parties and other collaborators safe access to large data sets.

— Risk-based automation. As digitization levels increase, organizations can use automation to handle lower-risk and rote processes, freeing up other resources for higher-value activities.

— Defensive AI and machine learning for cybersecurity. Since cyberattackers are adopting AI and machine learning, cybersecurity teams must scale up the same technologies. Organizations can use them to detect and fix noncompliant security systems.

— Technical and organizational responses to ransomware. As the sophistication, frequency, and range of ransomware increase, organizations must keep up with it.
software from inception. Security and technology risk teams should engage with developers throughout each stage of development. Security teams should also adopt more systematic approaches to problems, including agile and kanban.

— Infrastructure and security as code. Standardizing and codifying infrastructure and control-engineering processes can simplify the management of complex environments and increase a system’s resilience.

about how it established a security champions program to help its employees make security a top priority.

To raise awareness of security issues and create a robust security culture, MongoDB rebooted its security champions program during the pandemic. As of October 2022, the program had hosted more than 20 events, bringing employees together to learn about security through scenario planning and to participate in team-building activities, like capture the flag.
analyst at MongoDB. “For example, in our phishing-simulation campaigns, we look at how many people clicked on a phishing link. We look at event attendance and reported vulnerabilities. And, importantly, we communicate our progress with leadership.”

For a more in-depth exploration of these topics, see McKinsey Digital’s Cybersecurity collection. Learn more about McKinsey’s Risk & Resilience Practice—and check out cybersecurity-related job opportunities if you’re interested in working at McKinsey.