Just for a moment, imagine what downtime would look like at your business. By downtime, we mean your computers and everything connected to them are nonoperational. If your organization runs on technology, then that means no one is working. Does that give you a bit of a panic attack? It should, because downtime is a real possibility if you’re neglecting network security and you should be asking yourself if you’re willing – or able – to pay the cost of a cyber attack.
The Cost of Downtime
Exactly how much does a cyber attack cost? That depends. Just last year the average time that a business was down due to a ransomware attack was 7.3 days. That’s more than a week of your business not working, or working at a much reduced capacity if you happen to have a Business Continuity Plan that would restore minimal operations with alternative systems.
The average cost of downtime as a result of a ransomware attack is $46,800 but you can do the math to make that number real for you. How many people do you have and how much do you pay them every day? Now add in the cost of lost business.
Even if you can catch up, it’s very likely that you’ll have additional costs – overtime, expedited shipping, etc. If you’re late with customer orders or promises on service delivery, there might be late fees too.
Downtime isn’t the only cost. You can’t negotiate with the kidnappers who hold your data hostage with ransomware so you’ll likely have to pay a ransom to release your data. We’re not going to advise you to pay or not pay a ransom but you should know that the average requested ransom after a small business breach is $4,300.
Costs to Get Back Up and Running
If the cost of downtime was the only repercussion of a cyber attack, then all you would have to do is have a spare $50,000 or so around to take care of the problem, but there are more costs to consider.
What do you think is happening during that downtime? Hopefully, your IT team is figuring out how they can get you up and running with your backups. If your backups have gaps in data, then that could pose a difficulty that will take some time (and more money) to overcome.
Your IT team is also going to be trying to close the hole that let the hacker through in the first place and conducting an incident remediation. In addition to figuring out how the attack happened, your IT team will be installing measures to prevent the same thing from happening in the future. Unfortunately, unless your IT department has specialized cybersecurity expertise, you’ll have to outsource remediation. That’s another cost.
Legal Fees and Penalties a Plenty
The information that you store is valuable in many ways. You obviously want your financial information and access to accounts to be firmly secured behind locked doors, but what about customer information, proprietary processes and other trade secrets? What about the personally identifiable information that you store about your employees?
When the confidentiality of information is compromised, you could be sued for negligently exposing that information. If you need to comply with industry regulations, the minute you have a data breach you’re out of compliance and that could mean big penalties.
The Price of Your Priceless Reputation
A tarnished reputation with customers, vendors, employees and your community can be the biggest cost resulting from a cyber attack. You can’t put a dollar amount on your reputation, because your reputation lives in the minds and feelings of people.
Your marketing department is definitely going to be working overtime after a data breach as they try to manage the fallout as news and rumors about the incident are spread. Even if the hack doesn’t make it to the evening news, there’s going to be damage control internally within your organization, and outward to your customers and vendors.
What happens when your reputation is damaged is that you could have trouble keeping customers and employees, and attracting new customers and employees can become more difficult than ever. If that happens, your ability to meet your business objectives will be greatly impeded.
Are You Sure You’re Secure?
When you consider all of the costs that come with a cyber attack, you have to ask yourself if you want to take the risk or do you want to avoid the costs by putting more resources into prevention?
The first step to becoming more secure is to get a baseline view of where you are now. Contact us for a FREE IT assessment.