It is a reality, we live in an environment surrounded by cyber threats, increasingly developed and advanced. Even the most powerful websites in the world are not immune to cyber-attacks. Hackers will do whatever it takes to hit a company's security flaws and exploit them in order to steal valuable information.
According to research from insurer AIG Europe presented in May this year, there were as many cyber risk claims notifications in 2017 as in the previous four years combined, the equivalent of one per working day, with more than a quarter of the claims (26%) being ransomware as the leading cause of loss:
- Ransomware 26%
- Data security breach by hackers 12%
- Other security breach/unauthorized access 11%
- Impersonation fraud 9%
While the proportion of claims caused by employee negligence declined marginally to 7% in 2017, human error remains a significant factor in the majority of cybersecurity claims.
According to various studies produced, cybercrime is estimated to have a global impact on the economy of between €350 billion and €1 billion per year, close to 1% global GDP.
In Spain alone, last year it cost companies around 14,000 million euros, according to figures from the National Cybersecurity Institute (Incibe), which states that between 100,000 and 120,000 computers are attacked every day in our country.
No sector is immune to cyber-attacks, with professional and financial services topping the list:
- Service sector 18%
- inancial Services 18%
- Retail trade 12%
- Business Services 10%
- Manufacturing 10%
The results of a survey of more than 4,000 companies conclude that, on average, a single cybersecurity incident costs large companies €770,252, while it costs SMEs €77,372.
What is most alarming is the importance of the timing of the discovery of the cyberattack, as the cost of recovery increases significantly. For example, SMEs tend to pay 44% more if they have to recover from a cyber-attack discovered after a week or more in the system, compared to if they are discovered on the same day of the attack. Large companies pay a 27% surcharge in the same circumstances.
In addition, these cyber-attacks can expose legal breaches by the victim, i.e., in addition to the losses caused by a cyber-attack, we would have to add significant financial penalties, related to the New General Data Protection Regulation (GDPR), which can reach 20 million euros or 4% of the total annual turnover of the previous financial year (whichever figure is higher).
The financial figures are approximate and depend on a number of factors, but the value of reputation is incalculable. Customer distrust, with the consequent flight of customers, together with the loss of prestige and the difficulty of accessing certain markets, can be even more problematic than financial losses.
In addition to economic and reputational losses, the overall cost can be much higher due to aspects such as:
Loss of information:
After the cyber-attack, it will be difficult to recover all the compromised information, which can be more damaging than the economic damage, since the loss of classified documents, databases, technical documents, etc., can be irreversible for the company.
Loss of business:
All the time destined to the recovery of information and reestablishment of the computer systems, will mean a stop of the production, of the global strategy and in short of the business.
Dedication of human resources:
After a cyber-attack, it takes an average of six months to recover from it and reactivate its usual rhythm, and with it from one to six professionals dedicated that half year to recovery.
According to PwC, the business impact of cybersecurity issues in the United States is as follows:
For all these reasons, it is necessary for the business world to become aware of the importance of cybersecurity, assuming that just as it is essential to be online, this exposure makes us a target for cybercrime.
Do you want to control the cyberthreats that prowl around your company?
In our How-to Case Study we tell you how you can protect your business with our best tools.