Regulations such as the EU's General Data Protection Regulation (GDPR, implemented in 2018) compel organisations to take cyber security precautions or else incur heavy fines. Many of these regulations force organisations to safeguard the personal data they hold; slip up in this arena and you'll face lasting public outrage and mistrust, which in itself causes economic harm.
Beyond financial damages, cyberattacks cause truly incalculable harm by disrupting or ruining personal lives, professional careers, and business relationships. And their physical impacts may be enormous - just think of downed power grids or scrambled medical data.
The cybercrime industry holds all the best playing cards, giving hackers everything they need to thrive indefinitely: expertise, financing, widely available readymade tools, strong financial and political incentives, anonymity and an inextricably interconnected digital landscape rife with vulnerabilities.