The amount of financial damage a cyberattack inflicts on a company depends on many variables, but on average an enterprise-level corporation can expect to pay out more than $550,000 to recover from a typical attack.
The Kaspersky Lab report, IT Security Risks Survey, found that when all is said and done enterprise victims typically spend $551,000, while smaller business typically spend $38,000 to clean up after their computer system has been attacked. The survey found the most damaging attacks were from malware, phishing and employees accidentally releasing data.
Despite the costly nature of falling victim to an attack, the Kaspersky survey found only half of IT professionals polled consider preventing security breaches their IT concern, followed by understanding new technologies and how to use them, and managing change in IT systems and infrastructure.
The Kaspersky team looked at the cost of professional services, lost business opportunities and downtime as the three primary areas a company has to pay as part of the mending process.
Enterprise |
|
Service Required | Cost |
Professional services | up to $73,000 |
Lost business opportunities | up to $58,000 |
Downtime | $420,000 |
Total | $551,000 |
“The average cybersecurity bill for a small business that experiences an attack may be less expensive on paper; however, it may be crippling for organizations that are typically time and resource starved,” the report stated.
Kaspersky emphasized these charges only reflect the post-attack costs. When line items such as training, IT infrastructure and staffing are added to the mix it could add up to $69,000 to a large company and $8,000 to a small firm. Then there are costs to fix the more intangible aspect of a hack, the company's reputation, which Kaspersky estimated at $204,750 at the enterprise level and $8,653 for small business.
Small Business |
|
Service Required | Cost |
Professional services | up to $10,000 |
Lost business opportunities | up to $5,000 |
Downtime | $23,000 |
Total | $38,000 |
These numbers should serve as a wakeup call for both large and small businesses. IT security needs to become a more common priority for organizations and it is our hope that these numbers will motivate businesses to take the necessary steps to implement effective cybersecurity technology and strategies to prevent having to pay an enormous cybersecurity bill,” Chris Doggett, managing director of Kaspersky Lab North America said in the report.