90 percent of companies have suffered at least one cyber attack
According to the latest survey by Kaspersky Lab, 90 percent of companies have suffered a cyber attack and for larger businesses the cost could be as much as half a million dollars.
Of the 5,500 companies surveyed nearly half, 46 percent of businesses, lost sensitive data due to an internal or external security threat.
The average cyber attack for enterprise incurs costs of up to $73,000 for professional services, up to $58,000 in lost business opportunities and up to $420,000 in downtime. Smaller companies suffer too and average cyber attack costs of up to $38,000 can prove crippling.
As well as the direct costs of an attack organizations both large and small need to address staffing, training and IT infrastructure upgrades to prevent future incidents from occurring. Those costs could be up to $69,000 for an enterprise and up to $8,000 for a small business. It's also important to factor in the reputational damage that an organization can suffer as a result of a cyber attack, which could total up to $204,750 for an enterprise and up to $8,653 for a small business.
"Businesses have known for a long time that any cyberattack has its consequences, but the high costs associated with addressing a cyberattack after an incident occurs is quite alarming," says Chris Doggett, managing director of Kaspersky Lab North America. "These numbers should serve as a wakeup call for both large and small businesses. IT security needs to become a more common priority for organizations and it is our hope that these numbers will motivate businesses to take the necessary steps to implement effective cybersecurity technology and strategies to prevent having to pay an enormous cybersecurity bill".
Despite the scale of threats many businesses are still not doing enough to protect themselves from what could be a financially crippling attack. Only 50 percent of IT professionals surveyed listed prevention of security breaches as one of their three major IT concerns and 44 percent of businesses have not implemented anti-malware solutions to prevent them.
More detail, including the types of threat most likely to lead to a security breach, can be found in the full IT Security Risks report available from the Kaspersky site.