Nordea On Your Mind

Cybercrime: Growing along with human connectivity. Corporates in crosshairs: A look at the big cyberattacks of 2017


Cybercrime: Growing along with human connectivity
Humans are increasingly interacting and transacting online, with the share of internet users set to grow from 50% of the total global population last year up to 90% by 2030. Crime will continue to migrate online, targeting a potential 7.5 billion internet users. Perpetrators of cybercrime include organised crime (aiming to make money), hacktivists (who typically have an ideological agenda) and state-sponsored players (aiming for intelligence, sabotage or money). There are industry estimates that total global cybercrime damage costs could double to USD 6 trillion by 2021.

Corporates in crosshairs: A look at the big cyberattacks of 2017
Cyber threats now faced by corporates include Distributed Denial of Service (DDS) attacks that overwhelm websites to make them crash, ransomware (malware that encrypts the target’s data and demands a ransom payment to release it) and sabotage. An example of sabotage was the NotPetya malware released in the Ukraine during June 2017, which destroyed targets’ data, making global corporates such as A.P. Møller-Mærsk, Mondelez, FedEx and Renckitt Benckiser suffer collateral damage and associated costs of USD 100-300m; ie 4-10% of EBIT. The WannaCry ransomware attack in May 2017 affected over 230,000 computers, disrupted the UK National Health Service and led to estimated global costs of up to USD 4bn. The hack and individually targeted data theft from US consumer credit reporting agency Equifax in July 2017 has so far led to the departure of its CEO, costs of USD 439m (~40% of EBIT), a share price drop of 30% at the lowest point and pending civil and criminal litigation against the company.

Corporates now consider cybercrime a key concern
According to a 2017 global survey by Marsh and Microsoft, large corporates now consider cybercrime a key risk. Around 70% of board members surveyed said it was top-five risk, double the share seen in a similar survey from 2016. Tellingly, only 14% of board members are highly confident in their company’s ability to respond to a cyberattack.

Cybersecurity: Emergence of a USD 100bn industry
The rising corporate sense of urgency is set to drive ~40% growth in global cybersecurity spending, up to USD 100bn by 2020. Of the top 50 listed players in the industry, two-thirds are from the US, three are Nordic (F-Secure in Finland, Fingerprint Cards and Precise Biometrics in Sweden) and four are European (Gemalto and INSIDE Secure in France; Sophos and NCC in the UK).

Interviews with a corporate victim and cybercrime defenders
In addition to an introduction by Nordea’s Global Co-Head of Corporate & Investment Banking Mathias Leijon, we interview A.P. Møller-Mærsk’s VP and Head of Risk Management Lars Henneberg; F-Secure’s CEO Samu Konttinen; Nordea’s Group Chief Information Security Officer, Tapio Saarelainen; Nordea’s Head of Technology Information Security Stefan Jäschke; and Benjamin Särkkä, Head of NITSIRT (Nordea IT Security Incident Response Team) at Nordea’s Cyber Defence Centre.




Latest research on Strategy and Quant

20 Feb 2018: Nordea on you mind: Diversity boosts stability of returns
24 Jan 2018: Nordea on your mind: Nordic housing hiccups
18 Dec 2017: Nordea On Your Mind: Capex – a once-in-a-decade opportunity



Johan Trocmé | Head of Corporate Research | +46 101 56 34 22 |
Ellen Benktander | Analyst, Corporate Research |


For disclosures and disclaimers, please click this link

Nordea Markets is the name of the Markets departments of Nordea Bank AB (publ) and its branches Nordea Danmark, filial af Nordea Bank AB (publ), Sverige, Nordea Bank AB (publ), filial i Finland and Nordea Bank AB (publ), filial i Norge. The information provided herein is intended for the sole use of the intended recipient. The views and other information provided herein are the current views of Nordea Markets as of the date of this document and are subject to change without notice. The views have been provided solely based on the information made available to Nordea Markets and for the purposes of presenting the services made available by Nordea Markets. This notice does not substitute the judgement of the recipient. Nordea Markets is not and does not purport to be an adviser as to legal, taxation, accounting or regulatory matters in any jurisdiction. Relevant professional advice should always be obtained before making any investment or credit decision. This document may not be reproduced, distributed or published for any purpose without the prior written consent from Nordea Markets. This transmission is intended solely for the person or entity to whom it is addressed. It may contain privileged and confidential information. If you are not the intended recipient, please be notified that any dissemination, distribution or copying is strictly prohibited. If you have received this transmission by mistake, please let us know and then delete it from your system.