The cost of cyber-attacks
Cyber-attacks are becoming more and more common, and they’re also getting more expensive. The average cost of a cyber-attack is now $11.7 million, and that’s only going to go up. Are you doing everything you can to protect your business from these attacks?
The average cost of a cyber-attack
Cyber-attacks are becoming more common and more expensive for businesses, with the average cost of a breach now totaling $7.91 million.
This is according to the 2019 Cost of a Data Breach Report from Ponemon Institute, which surveyed 603 organizations from all over the world that had experienced a data breach in the last 12 months.
The report found that the average cost of a cyber-attack had risen by 12% since last year, and that the costliest breaches were those that involved malicious or criminal attacks, which averaged $8.64 million.
Organizations in the United States continued to be the most expensive hit by cyber-attacks, with an average cost of $8.19 million per breach. This was followed by organizations in Canada ($6.03 million) and the United Kingdom ($5.25 million).
The most costly data breaches were those that resulted in the loss or theft of customer data, which averaged $158 per record lost. The next most costly type of breach was those that involved the loss or theft of company confidential information, which averaged $145 per record lost.
The most expensive cyber-attacks
While the cost of a cyber-attack can vary depending on a number of factors, including the type of attack, the size of the organization, and the industry, there are some attacks that tend to be more costly than others. Here are three of the most expensive cyber-attacks that have occurred in recent years:
1. Equifax: In 2017, credit reporting agency Equifax was the victim of a data breach that affected 145 million people. The cost of the breach has been estimated to be as high as $700 million.
2. WannaCry: In May 2017, a ransomware attack known as WannaCry hit organizations around the world, affecting more than 200,000 businesses in 150 countries. The estimated cost of the attack is $4 billion.
3. NotPetya: In June 2017, another ransomware attack known as NotPetya hit organizations in more than 60 countries. The estimated cost of this attack is $10 billion.
The impact of cyber-attacks
In 2017, the average cost of a data breach was $3.62 million, and that number is only going up. With the frequency and severity of cyber-attacks on the rise, it’s more important than ever for businesses to take steps to protect themselves. Here are just a few of the ways cyber-attacks can impact your business.
The financial impact
The cost of a cyber-attack can be significant, and businesses of all sizes are vulnerable. According to the 2019 Hiscox Cyber Readiness Report, the average cost of a cyber-attack is $1.4 million, and one in four businesses has experienced a cyber-attack in the past 12 months.
The cost of a cyber-attack can include direct costs such as the cost of repairing damage and hiring specialist firms to help with recovery, as well as indirect costs such as loss of business due to downtime. The reputational damage caused by a cyber-attack can also be costly, particularly for businesses that rely on their reputation for trustworthiness.
There are several key steps that businesses can take to reduce the risk of cyber-attacks and minimize the potential costs. These include having robust security systems in place, ensuring staff are aware of the dangers of phishing emails and other scams, and having an effective incident response plan so that you can act quickly if an attack does occur.
The reputational impact
The impact of a cyber-attack can be far-reaching and expensive for a business, often going beyond the cost of the initial attack itself. The reputational damage caused by an attack can be long-lasting, and lead to loss of customers, loss of business partners and suppliers, and reputational damage that takes years to recover from. In some cases, businesses have been forced to close down completely as a result of the fallout from a major cyber-attack. It is therefore essential that businesses have robust security measures in place to protect themselves against these increasingly common and costly attacks.
How to protect your business from cyber-attacks
Cyber-attacks are becoming increasingly common, and they are also becoming more expensive for businesses. The average cost of a cyber-attack is now $1.3 million, and that number is only going to rise. So, how can you protect your business from these costly attacks?
Despite their best efforts, no organization is immune to the threat of a cyber-attack. In fact, a recent study found that 43% of businesses had experienced a cyber-attack in the last year – and the average cost of these attacks has increased by 23% over the last 12 months.
With the cost of recovering from a cyber-attack on the rise, more and more businesses are turning to cyber-security insurance to financially protect themselves in the event of an attack.
Cyber-security insurance is designed to cover the costs associated with recovering from a cyber-attack, including but not limited to:
· The cost of hiring a specialist firm to assist with recovery
· The cost of notifying customers and/or employees of the attack
· The cost of any legal fees incurred as a result of the attack
· The loss of revenue caused by the attack
Preventing cyber-attacks starts with employee training. Your employees are your first line of defense against cyber criminals, so it’s important to educate them on how to identify and avoid potential attacks.
Make sure they know not to open attachments from unknown senders, click on links in unsolicited emails, or give out sensitive information like passwords or bank account numbers. You should also teach them to be cautious when using public Wi-Fi networks and to never leave their devices unattended in public places.
In addition to general awareness training, you should also consider investing in more specific cybersecurity training for employees who handle sensitive data or have access to critical systems. This could include topics like data encryption, password management, and recognizing phishing attempts.
As cyber-attacks become more sophisticated and expensive, it’s crucial that businesses of all sizes carry out regular cyber-security audits. By testing your systems and networks, you can identify vulnerabilities and take steps to protect your business.
There are a number of different types of cyber-security audits, but all should cover four main areas:
1. Network security – test routers, firewalls and other network security devices to check they are properly configured and up to date.
2. Application security – check that applications are patching correctly and that there are no unpatched vulnerabilities.
3. Endpoint security – ensure that endpoint devices such as laptops, PCs and mobile devices are properly protected.
4. Physical security – don’t forget the basics such as locked doors and CCTV cameras.