You may think you are fully aware of the costs of a cyber attack. These costs would be associated with getting your systems cleaned, a backup restored, and maybe some downtime. However, many small businesses still view a cyber-attack as nothing more than an inconvenience. But those who have experienced an attack will know that this is not the case.
In fact, the costs of a cyber attack, many of them hidden and ongoing, can be crippling to a business. This is why it is so important to put in place multi-level security protection. Many businesses that close following a cyber-attack do so because those unexpected costs spiral out of control.
Here a few of the reality’s businesses come up against following an attack.
Spending Cash to Try and Reduce Downtime
As soon as a hacker gets into your system things get expensive. The longer an attacker is in your system, the higher the cost of a cyber attack is likely to be.
Attackers often spend a lot of time within a system before they are noticed. Some of the latest stats have the average at 191 days. It can then take a further 66 days to contain the damage. Those 66 days are spent cleaning up laptops and PC’s, mobile devices, servers. Pretty much the entire network.
If you have to pay an expert to come and fix everything that adds more costs. Even if you have the expertise yourself then tools and software to fix things are another expense. And you are also likely to be experiencing significant downtime during this period. The company’s emergency funds will be depleted pretty quickly in this scenario.
The Long Arm of the Law
It may not seem entirely fair but, should your data get stolen, the government may well be hitting you with a large fine too. Depending on how you’ve handled the data breach, how you’ve tried to protect the data and what data has been stolen these fines can run into the millions.
After the General Data Protection Regulation (GDPR) came into effect in May 2018, companies operating in the EU were required to change their data processing practices or face the possibility of heavy fines for non-compliance. So far, the six biggest GDPR fines are;
- British Airways – 204.6m Euros
- Marriot International Hotels – 110.3m Euros
- Google Inc. – 50m Euros
- Austrian Post – 18.5m Euros
- Deutsche Wohnen SE – 14.5m Euros
- 1&1 Telecom GmbH – 9.5m Euros
Not insignificant sums! The burden is on the business to know exactly what data has been stolen, and to report it as soon as possible. So even if you are able to clean up the systems yourself you may well still need an external expert to find out exactly what the hackers have stolen.
Customer Retention and Trust Issues
33% of UK organisations say they lost customers following a data breach. So not only have you got the cost of the remedial work, your future income is likely to take a hit too. One way to negate this is with a PR offensive, and increased advertising. But to get those right you’re likely to be spending even more money.
GDPR means you have to let any customers know if their data has been placed at risk. And the Information Commissioners Office (ICO) publish details of each breach. This means that anyone Googling your business name is likely to see a report about your data breach. That kind of publicity is likely to have a negative effect on both customer attraction and retention.
Your Secrets: Exposed!
There is going to be information within your business that you’d prefer wasn’t revealed to your competitors, maybe even to your customers. These kinds of business secrets are really attractive to hackers. They know they are closely guarded, so more of challenge. And they may well be able to extract a ransom for agreeing to keep them quiet. Think KFC’s herbs and spices, Heinz ketchup recipe or McDonalds Big Mac secret sauce.
Those corporations are huge and should be able to retain a competitive advantage even after a breach. But your business might not be so lucky. You may not have a secret sauce, but your data, IP and methods will have a value.
What You Can Do
Nobody can guarantee to make you ‘unbreachable’. But there are measures that you can take to make it more difficult for cyber criminals.
Considering the huge potential costs of a breach, the ways of keeping safe are relatively inexpensive. Strengthening your defences with solutions such as Multi-Factor Authentication, DNS Filtering, and Advanced Threat Protection not only helps keep cyber criminals out, but can reduce fines if you are breached. And that reduces the overall risks to your precious business finances.
Even relatively simple actions such as ensuring your antivirus is up-to-date and you have the very latest security patches make your system more secure. A well thought out, layered approach will help keep the bad guys out. Starting with a free cyber security audit, we’ll help you identify gaps and start to build an effective defence for your business.
We offer a FREE Cyber Security Assessment, where we help identify the weaknesses in your defences and give you options to plug those gaps. Complete our Contact Form, call us on 0115 8220200 or schedule a call to book.
Bonus! FREE eBook
Find out if your business needs a cyber security assessment with our eBook ‘Does Your Business Need A Cyber Security Assessment‘