The Price of Security: How Much Does a Cybersecurity Attack Actually Cost?
In 2017, the credit file agency Equifax was hacked. It resulted in 146.6 million Americans having their personal data exposed and the cost to Equifax as a company was massive. To date, the breach is expected to cost Equifax around $600 million1 to resolve - this includes lawsuits. But this is not the only losses Equifax experienced after the breach. The company's share price drop, post-breach, resulted in $4 billion being wiped off their market value.2
The Equifax example is an extreme case, highlighting the cost of a security incident. But the costs associated with a cyber-attack hit all sized companies. In this article, DynaSis, an experienced cyber security company in Atlanta, looks at the costs that a security incident has on a small to mid-sized business.
“The DynaSis team helped educate us on how vulnerable our systems can be if we are not using the right tools. With the advanced security products that DynaSis offers, we feel that our systems are prepared to block out hackers, malware, phishing attacks and any other cyber security risks.”
Am I at Risk?
The simple answer is yes. Cybercriminals do not discriminate. All companies, everywhere, across all sectors, are a target for cybercrime. Every industry, from manufacturing to healthcare to government to financial to education, is being affected. Cisco’s 2018 SMB Cybersecurity Report3 looked into the impact of cybersecurity threats on organizations with fewer than 250 employees. The report found that 53% of SMBs had experienced a cyber-attack. If your company suffers a breach, data is exposed, systems are potentially damaged, and employees lose work time. All of this equals money, reputation, and time lost.
“Cyber security attacks happen every day and are a huge expense to recover from. DynaSis has taught us that the best way to avoid these attacks is to be proactive and have the right solutions in place to protect our network from these outside threats. We are very satisfied with the success DynaSis has in keeping our business safe!”
Cost Analysis of a Cyber-Attack
Cyber security service companies are at the forefront of highlighting and preventing this wave of cyber security attacks. DynaSis sees the devastation that a data breach or cyber security incident causes and we act to make sure it doesn't happen to your company. According to cyber security firm Radware's 2018-2019 Global Application & Network Security Report4, the average cost of a cyber-attack is $1.1 million. This is an increase of 52% on 2017-2018. McAfee5 has estimated that in 2017, globally, cybercrime cost around $600 billion a year.
No company is immune to a cyber-attack. Small businesses are targeted because they commonly lack the support needed to protect against these attacks. In the aforementioned Cisco study, over half of small companies interviewed reported the costs of a cyber-attack were around $500,000. When asked how long they could remain profitable if they lost access to critical data, over half said they would be unprofitable within a month.
The situation is perhaps not surprising when we look at how the security landscape is changing. In the last few years, attack methods like phishing have increased. In a Wombat study6, 48% of respondents had seen an increase in phishing attacks and new methods like cryptojacking saw a staggering 8,500%7 increase in 2017. Small to midsized organizations do not have the internal staff to manage the day-to-day needs of risk mitigation.
When we look at the price that we pay for a security incident, how do we come up with the figures? The cyber-cost equation has many variables:
- Damage to your IT infrastructure - 78% of companies experience service degradation after an attack
- Lost revenue due to downtime
- Loss of customer confidence in your company - a study by Semafone8 showed that 86% of people would be less likely to deal with a business after a data breach
- Share price or market value drop
- Fines for non-compliance with data protection and privacy laws - GDPR, for example, has fines of 4% of international revenue or around $22 million, whichever is higher
- Costs associated with managing exposed customer data
- Attorney fees from lawsuits
- Ransom money (if an incident involves ransomware) - ransoms, if paid, can run into the many thousands of dollars
- Losses due to stolen proprietary information of intellectual property (IP) - the IP Commission Report estimates that trade secret theft costs the U.S. economy at least $180 billion per year9
Some or all of these issues can be felt by a company, post-attack. Many of them are long-lasting and complex. Costs incurred can mean communicating with customers as well as regulatory bodies. This takes time from your business and means paying attorney costs.
“Cyber terrorists are targeting small to mid-sized businesses like ours on a daily basis. The amount of security protection that DynaSis implements helps put us at ease so we can focus on running our business, while they make sure that we are staying safe.”
How Can a Cyber Security Services Provider Help?
Small to mid-sized organizations are highly vulnerable when hit with unexpected large costs. The levels of cost in both time and money that results from a cybersecurity incident could be catastrophic for a SMB.
Cyber security services companies exist to bridge the gap between enterprise-level security and the smaller organization. DynaSis is a cyber security services provider in Atlanta. We offer enterprise-grade protection for the small to midsized company. We act as your digital guardian, making sure that the costs of cybercrime stay away from your company door.
Simply put, you don’t need to have an internal dedicated cybersecurity department to protect your business. If you use a cyber security services provider, you can have the best protection and stop your company becoming a costly victim.