Cybercrime has become the third most common type of economic crime in the UK as business and public sector organisations struggle in the face of spending cuts, according to PricewaterhouseCoopers (PwC).
This is helping to drive an overall rise in economic crime in the UK, and is contrasted with a fall in levels of the top conventional economic crimes of asset theft, down 8% since 2009, and accounting fraud, down 5% since 2009, according to PwC’s latest global economic crime survey.
The study, which polled more than 170 UK organisations, found that 26% of those which experienced an economic crime in the past 12 months reported a cybercrime.
“This is a dramatic finding and marks the promotion of cybercrime to the premier league of fraud,” said Tony Parton, forensics partner at PwC.
As well as direct financial costs, there are other commercial consequences of cybercrime, such as reputational/brand damage, poor employee morale or service disruption, he said.
William Beer, director, cybersecurity services at PwC, said organisations face serious threats from cybercriminals from within, as well as externally.
“It’s clear that senior executives need to take these risks more seriously: worryingly, almost four in ten respondents say their organisation doesn’t have the capability to prevent and detect cybercrime. On top of this, we’ve discovered that organisations might not be clear about exactly what cybercrime is, who it affects, and what they need to do to protect themselves,” he said.
Since the rise of the internet, people have traditionally perceived cybercrime as an external threat, and 46% of UK respondents have a similar perception, the survey found.
Those who said cybercrime originated from sources outside the UK perceived Hong Kong and China, India, Nigeria, Russia and the US as the top threats. But the survey results suggest that the perception of cybercrime is changing, and that organisations are now recognising the risk of cybercrime coming from within.
Some 83% of respondents feared reputational damage as the biggest consequence of cybercrime.
"Reputational damage strikes an organisation at its core,” said Beer.
The effects can seriously damage the perception of a brand, leading to loss of market share, and as society becomes less tolerant of unethical conduct, businesses need to ensure they place a premium on building public trust, he said.