
The Hidden Costs of Cyberattacks. How Much Could YOU Afford to Lose?
Russia’s invasion of Ukraine had a huge impact on the cyber threat landscape, with Russian-based phishing attacks against European and US-based businesses having increased eightfold. Data loss is, therefore, a growing and very dangerous risk. But just how much could a data breach potentially cost your business, and could you survive beyond the losses?
You could be forgiven for thinking that cyberattacks only cost businesses money when the attacker manages to gain and use financial credentials, or when they hold a business to ransom over stolen data. But the truth is that there are a great deal more costs involved in a data breach.
Between 2021 and 2022, the average ‘material’ cost of a cyberattack was just over £4,000, according to a recent government report. Such costs would involve a loss of money or data, usually due to ransomware or social engineering scams leading to mandate fraud or unauthorised bank access.
But these material costs are just the start of what a data breach could potentially cost a business. In fact, it is reckoned that 39% of the cost of a cyberattack comes at least 12 months after the event.
What are the hidden costs of a cyberattack?
Aside from any ransom demands or direct financial losses, cyberattacks carry all sorts of hidden costs that you may not have considered…
Lost working hours
Cyberattacks are well known for bringing businesses to a standstill. A ransomware attack, for example, could potentially halt operations for two to three weeks. At very least, productivity could be slashed, resulting in decreased output and increased production costs.
During downtime, not only is your business losing profits, you’ll also be paying staff who can’t work until you’re back to full production.
Loss of goodwill
Customers who are not able to buy from you or who you cannot service may well defect to a competitor, and there is the risk they may stay there, even when you are back up and running.
Lost regular customers will cause the most disruption to your profits, with losses accumulating over time.
Data loss
Losing data following a cyber breach is more than just an inconvenience. The cost to re-input all that data and restore lost information, files and documents could amount to a considerable sum.
The average cost per record compromised is around £110, although this varies according to the industry and data type. Personally identifiable information, for example, is the costliest by far, and is also the most compromised form of data.
If you think about the number of records your business holds, you’ll get an idea of how much data loss could cost you.
Notification costs
Once a data leak has been discovered, a business will need to communicate with any affected customers, as well as the data protection regulators and PR and legal advisers, the fees for which could be substantial.
Getting back up and running
The cost for restoring your IT systems will largely depend on the type of IT support you have. If you have an in-house IT manager or team, you’re likely to experience increased downtime, as all hands are on the data breach resolution case, rather than being deployed elsewhere.
If you use an outsourced IT support company on an ad hoc, reactive basis to resolve the crisis rather than as part of a regular support package, you’ll likely find yourself with a considerable bill.
Reputational damage
For data breaches that that pose a risk to your customers, current data protection law requires you to inform those customers. Even if the cyberattack hasn’t affected their data, there is a good chance that they’ll hear about it, as your services will likely be affected.
With your cyber security management policies being brought into question, your business is likely to lose face with customers. Trust will be lost, and customers may defect to a competitor with which they feel safer.
Regulatory fines
The Information Commissioner’s Office (ICO) is responsible for upholding information rights in the UK. They are able to issue a financial penalty for any breaches of current data protection law, if a business is unable to prove its data was properly protected.
There are two tiers of penalty for an infringement. The first is the higher maximum amount, which is £17.5 million, or 4% of global annual turnover, whichever is higher. The second is the standard maximum, which is £8.7 million, or 2% of global annual turnover, again whichever is higher.
In 2021, a data breach at Facebook cost the technology giant an estimated £2.7 million. And in 2020, a major breach at Microsoft cost the world software leader around £1.3 billion.
Don’t let cybercrime become a business overhead
Cybercrime is a growing threat, with one in four UK businesses having experienced a cyberattack in the past year. It’s vital that you don’t let it become a business overhead.
A tailored cyber security and data loss prevention plan is essential if you are going to protect your business from the hidden costs of IT security breaches. From reduced productivity to financial losses and reputational damage, there really is too much to lose.
At ClearTec IT, we’re here to keep your business running productively, and that includes keeping it safe from the latest cyber threats.
From firewall solutions and Office 365 security to disaster recovery strategies and Cyber Essentials accreditation, our specialist team of qualified IT experts is ready to tailor a data loss prevention plan for your business.
To arrange your free, no obligation consultation, please get in touch.