Ransomware attacks can cost enterprises up to 30 percent of operating income
The financial impact of a ransomware attack can cost businesses up to 30 percent of their operating income, with smaller enterprises hit proportionally harder.
A new report from ThreatConnect looks at the financial impact of ransomware attacks on small ($500M), medium ($1.5B) and large ($15B) organizations within healthcare, manufacturing, and utilities.
The report examined thousands of companies in the three industries. Analyzing tens of thousands of losses from around the world, ThreatConnect has estimated median hits to operating incomes.
Smaller healthcare organizations lost an estimated 30.86 percent of their income to an attack, compared to 15.36 percent for medium and 4.92 percent for larger businesses in the sector.
Manufacturing fares a little better for smaller companies -- despite being the most attacked industry -- at 20.07 percent, but worse for medium and large ones, 16.67 percent and 10.15 percent respectively. For utility companies the figures are 30.77 percent, 13.12 percent and 2.19 percent.
While losses to cyberattacks impact the current fiscal year, they can also linger and impact current and future years as costs. These include legal fees, settlements, and brand damage the effects of which can take time to materialize.
"With the National Cyber Strategy coming out of the White House focusing on decreasing cyber risk from critical infrastructure and the new SEC Cyber Proposals, organizations across industries are now being tasked with reporting on cyber risk," says Jerry Caponera, GM of risk quantification at ThreatConnect. "Organizations are finally waking up to the fact that the impact of ransomware and other cyber attacks is more than just a moment in time. The financial implications are far-reaching and create barriers for companies to continue operations after these attacks."
The full Risk Quantification Report is available from the ThreatConnect site.
Image credit: Anidimi/depositphotos.com