For HomeFor BusinessFor Partners
Business Insights
5 min read

Study Finds Surprising Similarities Between Cyber-Risk and Problem Gambling

Filip Truta

October 02, 2019

Study Finds Surprising Similarities Between Cyber-Risk and Problem Gambling

Company officials who neglect email security -- a corporation’s greatest cyber vulnerability -- would fare extremely poorly if they brought the same approach to the poker table, according to new research that draws parallels between cybersecurity and the infamous high-stakes game.

The risks of failing to implement proper email security seriously outweigh any benefits, according to the 'Odds of a Bad Bet' report by Wire. Enlisting the help of a poker champion and various cybersecurity experts, researchers assessed the odds of falling prey to cyberattack, the business cost of such an account, and the 'best bet' of future-proofing against an attack.

A notable, but not very surprising, finding is that a company’s weakest links are its email and its people. An employee is three times more likely to infect a colleague with a malicious email than they are to spread the flu to their partner, the report says. Employees are also extremely bad at spotting phishing emails – their chances of spotting one are about as slim as hitting a specific number on the roulette wheel.

“Email offers the most significant access point for criminals by exploiting a human fallibility -- the inability to spot malicious emails. Just as with gambling, the outcomes are influenced by people and their judgement. The fact that employees are unable to discern malicious emails from safe ones, points to the inherent vulnerability of email,” the report’s authors said.

Other interesting parallels between real-life scenarios and the business world include:

  • The chances of your business avoiding a malware attack are as low as the chance of pulling the Ace of Spades from a shuffled deck
  • A company has a 50% chance of suffering a costly DoS (denial of service) attack -- effectively the same as the flip of a coin
  • A company is over 10 times more likely to suffer a week of downtime from a ransomware attack than you are to suffer a house fire
  • Your business is five times more likely to suffer a debilitating ransomware attack than you are to be involved in a car accident
  • The chances of your business suffering a costly ransomware attack are the same as a hurricane hitting Florida next year
  • You're almost as likely to go out of business due to a cyber-attack as your startup is to fail because it didn't get the next round of funding

To see businesses fail to prioritize cybersecurity is “akin to the behavior of a delusional problem gambler,” said Liv Boeree, poker champion and contributor to the report.

Switching gears, researchers used the same methodology to identify the 'best bet' of future-proofing against an attack. Two examples are given:

  • The average ROI for future-proofing your business with end-to-end encryption is twice as high as investing in the S&P 500
  • Cyber-security costs are rising so fast that waiting another year to invest in cyber-security is the same as letting 10 years' worth of inflation erode the value of your cash

Recent studies on the state of cybersecurity in the business world have found similar results. A recent report by insurance giant AIG reveals that Business Email Compromise (BEC) is a new leader in the list of top threats causing losses for businesses. In BEC scams, attackers use social engineering tactics to trick victims into wiring money to an address controlled by the attacker. For example, after compromising an executive’s credentials, they use their email account to demand a money transfer in their name from the finance department. Other times, attackers impersonate foreign suppliers requesting fund transfers for payments.

tags

Business Insights

Author

Filip Truta

Filip Truta

Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.

View all posts

Right now Top posts

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again
Ransomware Threat Research Threat Intelligence

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again

November 13, 2024

Bitdefender Threat Debrief | November 2024
Enterprise Security Ransomware Bitdefender Threat Debrief

Bitdefender Threat Debrief | November 2024

November 07, 2024

5 Approaches to Counter a Cybercriminal’s Growing Arsenal
Enterprise Security Threat Research

5 Approaches to Counter a Cybercriminal’s Growing Arsenal

November 06, 2024

Bitdefender Threat Debrief | October 2024
Enterprise Security Ransomware Bitdefender Threat Debrief

Bitdefender Threat Debrief | October 2024

October 10, 2024

FOLLOW US ON SOCIAL MEDIA

SUBSCRIBE TO OUR NEWSLETTER

Don’t miss out on exclusive content and exciting announcements!

You might also like

Empowering MSP Workflows: Bitdefender’s New ConnectWise PSA Integration Update
Enterprise Security Endpoint Protection & Management

Empowering MSP Workflows: Bitdefender’s New ConnectWise PSA Integration Update
Bitdefender Enterprise

November 21, 2024

Security Advisory: Adversaries Abuse Microsoft Teams and Quick Assist
Enterprise Security Endpoint Detection and Response

Security Advisory: Adversaries Abuse Microsoft Teams and Quick Assist
Jade Brown and Nikki Salas

November 20, 2024

Balancing User Experience with Security: A New Frontier for CISOs in Minimizing Business Risk Exposure
Enterprise Security Endpoint Protection & Management Endpoint Detection and Response

Balancing User Experience with Security: A New Frontier for CISOs in Minimizing Business Risk Exposure
Daniel Daraban

November 19, 2024

Bookmarks

loader