Experts estimate cyber attacks cost the global economy more than $450 billion in 2016. By 2021, the total cost of cybercrime is expected to reach as high as $6 trillion. Earlier this month, WannaCry became the first ransomware-worm cyber attack, and it shook the world; causing companies of all sizes in over 150 countries an estimated $4 Billion in damage, with under $100,000 collected in ransom. These figures may seem staggering, but they are based on costs that are relatively easy to quantify.
In reality, the true costs of a cyber attack are much higher. After any major data breach, companies have an obligation to report certain losses. While these reports catch the public eye, they leave out factors with long-term impact on the business – either because they are hard to measure or simply to protect reputations. The average breach costs a company $3.6 million. Calculate what a breach would cost your company.
Some "Unseen Costs" of Cyber Attacks
Insurance Costs and Losses
Insurers have long since started to add cyber security to their risk assessments. Likewise, many businesses now maintain insurance specifically to defray the costs of security breaches. However, some policies may only end up covering just 3% of the company's total losses. After an incident, policyholders can find their costs doubled or tripled while still being financially drained.
Lost Value of Customer Relationships
Two of the biggest brands targeted by hackers in recent years, Home Depot and Target, suffered a combined total of $554 million in losses. Uncounted in that figure is the high-profile nature of news about the breach. Sensational reporting about the attacks have driven thousands of people away from the brands and suppressed the opening of store credit.
Lost Value of Company Brand and Name
In addition to a sense of “trustworthiness,” brand and trade names confer upon a firm its industry status and clout. Experts have measured appreciable losses in the trade name values of breach victims. This correlates with longer-term uncertainty among potential investors and consumers.
Loss of Intellectual Property
Although virtually all cyber-attacks are motivated by profit, the loss of Intellectual Property(IP) can be especially devastating. IP theft has become common, as hackers act as “middlemen” selling data to third parties. This destroys the investment behind IP and may shut firms out of affected markets.
Overall Loss of Innovation
With annual cybercrime losses to average businesses topping $95 million, businesses in many sectors must focus more resources on conserving, rather than increasing, value. This robs entire sectors of the time, money, and personnel to drive innovation. The loss of intellectual capacity affects all businesses.
Small and Mid-Sized Businesses Should Make Security a Priority
Although many high-profile security breaches have targeted Fortune 500 companies, they are not the only ones at risk. Small and mid-sized businesses must be especially diligent to protect their assets against cybercrime – especially since they lack the resources of global players. In just one month, April 2017, the number of online attacks blocked by Symantec software doubled – from 584,000 per day to 1,038,000. Many of these are attacks of convenience using automated software to probe corporate networks for common security problems.
By understanding the true costs of cybercrime, businesses of all sizes have the chance to take proactive steps. It is never too early to invest in the right software, hardware, and knowledge to protect your assets. When enterprises are prepared, they make less tempting targets and can often significantly reduce any losses they might suffer otherwise.