Businesses face cyberthreats every day—yet, many are still unprepared to deal with these types of modern-day sabotage and espionage. Moreover, a chunk of these attacks and threats—43%—are directed at small businesses, companies that are less likely to be able to recover from the consequences of cyberthreats. Despite this, studies show that only 14% of small businesses are prepared for such threats.
Perhaps, knowing the actual costs of these attacks can help convince business owners to start investing in tools like Office 365 backup platforms to safeguard their systems and their data.
Here are some eye-opening statistics on the financial impact of cybercrimes.
So How Much Does It Cost?
Cybercrime costs can vary between countries, industries, and types of attacks. One thing is clear: they’re not cheap.
An Accenture and Ponemon Institute report revealed that the annual cost in the United States is over $25 million. In Japan, it can reach $13 million, while in the UK it amounts to $11.46 million.
Meanwhile, the report shared that the number of people-based attacks exploded between 2017 and 2018. Malware, for example, rose by 11%. So did malicious insiders (or inside jobs) by 15% and ransomware by 21%.
When broken down, these attacks cost businesses the following:
- For malware, it jumped from $2.36 million to $2.6 million.
- Malicious insiders cost $1.7 million in 2018 from $1.5 million in 2017.
- Ransomware was $645,000 in 2018 from $532,000 in 2017.
- Web-based attacks cost $2.75 million in 2018. It was $2 million in 2017.
- Phishing also increased by 8% or from $1.4 million in 2017 to $1.6 million the following year.
No industry is immune to cyberthreats. The public sector, for instance, lost around $7.9 million in 2018. However, the increase in costs was the highest in the following fields:
- Travel (77%)
- Life sciences (86%)
- Automotive (47%)
- Consumer goods (47%)
- Capital markets (32%)
- US federal government (32%)
As mentioned, cyberattacks are even more hurtful for small businesses, which can suffer grievous losses. Verizon shared that more than half of the victims in 2018 were small-scale enterprises. Hiscox, an insurance carrier said that the average loss was a whopping $200,000. It isn’t surprising that at least 60% of these businesses will eventually shut down within six months.
Why do hackers hack? According to a Raconteur infographic, over 41% of these breaches were for ransom. They held data hostage for money. However, they also attacked because:
- Insider threats (27%)
- Competition (26%)
- Angry user (20%)
- Political (26%)
- Cyberwar (24%)
In fact, in about 11% of these cases, the motive was unknown.
The 2019 Accenture report also cited how cybercriminals are becoming resilient, adapting and changing their modus operandi (MO). They are shifting their targets from systems to humans, who may be the weakest link in any organization’s cyber defense.
Many of them are also destroying data and systems instead of stealing them for ransom or selling information to competitors or the dark web.
How Businesses Can Protect Themselves
One of the first steps is to recognize that cyberattacks are real—and that they are costly. Despite the threats, many small businesses avoid spending to mitigate the risks, falsely thinking they happen only to large companies.
They also need to remember no system is 100% secure. In 2020, Microsoft warned at least a million users on the vulnerability of a remote code execution in Adobe Type Manager Library.
Cybersecurity costs can be expensive, but business owners can temper those costs with practical solutions:
- Creating data backup for easy recovery
- Training employees on cyberdefense
- Limiting the access of employees to high-security information
- Using updated programs
Cyberthreats are not going away soon. Instead, they will evolve. Now is the best time for businesses to prepare for the risks and to update themselves about the situation.