How much does a cyberattack cost a company?
Phishing, ransomware, the dark web, cybercrime... These are all terms and phrases that were virtually unknown just a short while ago but have now become commonplace. All these malicious acts have a significant impact on the global economy, which is investing billions of dollars to combat them or protect itself against them.
In fact, cyberattacks are becoming increasingly common, particularly within organizations. Always on the lookout for new challenges, hackers keep a close eye on emerging technologies.
Cyberattacks: At What Cost?
According to IBM Security’s benchmark report, among 550 organizations surveyed worldwide between March 2021 and March 2022, the average cost of a cyberattack is $4.35 million, or approximately €4.27 million.
These ransoms are demanded in the form of cryptocurrency and range from a few thousand to several million euros. Each time, this presents a moral dilemma for organizational leaders. They hope to recover their data—which has been rendered unreadable by the ransomware—and quickly restore the organization’s operations by paying the ransom. Unfortunately, this is almost never the case.
Not all the costs of a cyberattack can be quantified
In reality, the cost will depend on many factors, such as the size and industry of the company, the severity of the attack, and the cybersecurity measures in place prior to the attack. Furthermore, there are no more precise figures on this subject, as many companies do not report the attacks they suffer.
It is important to note that the costs of a cyberattack can also include non-financial costs such as damage to the company’s reputation, loss of customer trust, and disruption of business operations, which can have long-term consequences. It is therefore essential for companies to implement technical and organizational measures to protect their IT systems and data against cyberattacks, thereby minimizing potential risks and costs.
Large organizations (with more than 1,000 employees) remain the primary targets of cybercriminals. Half of them report having experienced at least one cyber incident in 2020. In 2019, cybercrime was estimated at over $600 billion (in data breaches, ransom demands, etc.). This represents 1% of global GDP lost. (Source: 2021 Unit 42 Ransomware Threat Report).
As we mentioned, the cost of these incidents isn’t limited to ransom payments alone, but also includesthe consequences of the disruption. For example, the town of Houille (Yvelines) saw its annual budget increase by approximately €350,000 following the ransomware attack on January 30, 2021. (Source: actu.fr) Faced with this surge in cyberattacks, organizations are incurring significant unexpected expenses. The only way to protect against these increasingly sophisticated hackers is to implementawareness measuresregarding phishing, ransomware, and all forms of cyber threats.
The real scourge: ransomware
Ransomware has become the most serious cyberattack currently threatening organizations and institutions. It affects all kinds of entities: from hospitals to small and medium-sized businesses, as well as large corporations andlocal governments. As with any cyberattack, users must be prepared to deal with a host of consequences. This includes damages not directly related to the attack itself. In fact, the indirect cost of a ransomware attack caused by a business interruption is 5 to 10 times higher than the direct cost. It is difficult to accurately calculate the actual cost of a business interruption, as it will have different effects on organizations depending on their size and type.
