Aug 2023
The Cost of Cyber: Can You Afford $3.35 Million?
While this title might sound like clickbait, we can assure you it’s not. What you read is a very real statistic from IBM in 2020. In this article, we’re going to deep dive into recent statistics not to scare you but to highlight that the realm of cyber challenges doesn’t have to be a hair-raising experience and there is no reason why your organisation needs to hitch a ride on the statistic train we’re about to unpack.
In today's interconnected business landscape, reliance on intricate networks, cloud solutions, internet-enabled devices, and digital platforms is standard practice. While this interconnectedness offers numerous benefits, it also exposes businesses to heightened risks of cyber breaches, which can have far-reaching consequences beyond the obvious disruptions.
A recent report from KPMG highlights that in 2022, 33% of Australian businesses experienced cybercrime incidents, with an average cost of $272,363 per incident. Disturbingly, 60% of these attacks targeted small and medium-sized enterprises. On a more concerning note, data breaches present an even more significant challenge. As defined by IBM, a data breach occurs when unauthorised entities gain access to sensitive or confidential information, encompassing personal data and critical corporate data. For businesses in Australia, the financial toll of a data breach is staggering, averaging at $3.35 million.
This amount is up 9.98% from 2019, but the cost of inaction is about to eclipse this figure.
Due to Australia's introduction of stricter data breach penalties, a reaction to the catastrophic Optus breach, this average amount is sure to rise. Legislation intends to significantly increase the existing penalty amount of $2.22 million to $50 million, or 30% of a company's adjusted turnover in the relevant period, whichever is greater, for major or recurring data privacy violations.
The average time it takes to recover from a severe breach is 23 days, but the financial fallout from one can last for years. Notably, 53% of data breach expenses are incurred in the second and third years after the incident, particularly for industries with strict regulations like healthcare and finance.
While these financial statistics are harrowing, the intangible and indirect costs of a cyber incident can have a massive impact on a business.
Could your enterprise weather the following?
- 40% disruption to business
- 29% loss of client and critical business information
- 25% loss in revenue
- 29% drop in productivity
- An increase to 51 days recovery time if the attack was initiated by an insider, employee or contractor.
The reputational harm caused by a cyber breach cannot be overlooked in a market where a company's financial performance is so closely correlated with the rulings rendered by the court of public opinion. Approx. 133,000 posts about the Optus breach were made in the 14 days that followed, up 524% from the prior two weeks, thanks to the public and the media. 33% of this was negative. That’s a lot of negative press. It may take years to recover from this reputational harm, which can have a multiplier effect like the long-term financial effects.
The "IF" we are impacted by a cyber-attack is now more realistically a "WHEN". Statistics and the ever-increasing attack surface of modern enterprise offer a bleak picture for organisations who are not prepared and who do not have a solid cyber conscious culture with robust plans in place.
Preparation is essential for weathering the storm. Cyber insurance, incident response, disaster recovery and business continuity planning can help ensure that if the worst happens, you’re on sure footing.
Waterstons has 25+ years' experience across the UK and Australia preparing and protecting organisations from cyber threats. We are committed to assisting all organisations to stay agile and prepared in today’s cyber conscious economy.
Empower your organisation today, get in touch with one of our team members - 24/7
info@waterstons.com.au | 02 9160 8430