Blog

Can your organisation afford the true cost of cyber-attacks?

Share
Share
shutterstock_1095422036-scaled

In light of recent episodes, The PM sent out a wake-up call to all Australian businesses, and just recently the government has issued Australia’s Cyber Security Strategy 2020(2) with a vision to ensure a “more secure online world for Australians, their businesses and the essential services upon which we all depend”.

Modern businesses rely on technology more than ever before, with I.T. infrastructure and data resources helping people to connect and work from any location. Increased connectivity also creates challenges, however, including reduced privacy, potential data loss, and greater exposure to activity from cyber-criminals and other state-based actors.

Cyber-attacks are increasing in Australia, and the consequences to businesses are wide ranging regardless of location or industry sector. The Proofpoint 2020 State of the Phish report found that 54% of Australian organisations experienced a successful fishing attack in 2019.

WHAT IS CYBER-CRIME?
Cyber-crime refers to a broad range of criminal acts connected with information and communications technologies (ICTs). Cyber-crime includes attacks directed at computers and crimes where computers are used as an integral part of the offence. Examples of cyber-crime include breaking into databases, denial of service attacks, phishing, malicious code, and malicious insider fraud.

THE COST OF CYBER-ATTACKS
Criminal activity connected with technology is associated with a range of costs, from financial costs linked to productivity and equipment losses through to reputation damage and regulatory fines. Many criminal activities are associated with multiple costs, some of which can be crippling or involve years of recovery time. Let’s take a look at the real cost of cyberattacks in Australia.

1. PRODUCTIVITY COSTS
Most cybercrimes will cause some kind of disruption to regular business activity, with many attacks specifically designed to disrupt services. For example, distributed denial of service (DDoS) attacks are associated with the biggest percentage of monetary losses, with web-based data theft and malicious hacking attacks also likely to affect productivity.

According to the 2019 Cost of Cybercrime study from Accenture, business disruption and data loss represent the biggest expense. Cybercrime cost Australian companies on average US$6.79 million in 2018, with three-quarters of this loss attributed to reduced productivity. In order to avoid these costs, it’s important to take preemptive measures to avoid and manage intrusions.

2. RECOVERY AND TECHNOLOGY COSTS
Cyberattacks take many forms, from phishing and malware attacks to web-based intrusions and denial of service. Along with productivity costs due to disruption and data loss, Australian businesses face significant recovery and equipment costs in order to restore systems and get operations back on track.

Reverse engineering security solutions and identifying attack vectors take significant time and resources, as does updating software and retraining staff. Along with productivity losses, businesses may need to spend a considerable sum of money paying for IT specialists, educating staff, and updating compromised software and hardware resources.

3. REPUTATION COSTS
When it comes to cybercrime, not all costs are tangible. Along with money itself, the reputation of an organisation can be severely affected by intrusion or data theft. While recovery costs are a direct expense and productivity costs are an indirect expense, reputation damage is best understood as an opportunity cost.

Data is the new global currency, with stolen or compromised data representing a huge potential loss for any organisation. Damage to business reputation can be measured from lost opportunities as a consequence of the security incident. While every business needs to safeguard their reputation carefully, research shows that technology and finance organisations are the ones which get highly impacted by cybercrime.

4. COMPLIANCE COSTS
Compliance costs also include a range of direct and indirect expenses as a result of cybercrime. Whether it’s the time spent filling in a report at the Australian Cyber Security Centre (ACSC), the cost of adapting a security stance, or a specific fine for non-compliance in one’s industry sector, compliance costs can be significant. When calculating the expense associated with an organisation’s cybersecurity strategy it is important that these costs are recognized.

Operating safely in the modern and connected world, and adhering to regulation will always involve some expense, but many of these costs can be greatly minimized through foresight and management. If you’re looking for a complete cybersecurity solution to ensure your safety and productivity, Nexon offers a range of tailored security packages.
If you would like to learn more, please contact Nexon for a free no-obligation consultation.

You can call us on 1300 800 000 or email us at enquiries@nexon.com.au to start the conversation.

In partnership with Proofpoint

 

  1. https://www.pm.gov.au/media/press-conference-australian-parliament-house-act-20
  2. https://www.homeaffairs.gov.au/about-us/our-portfolios/cyber-security/strategy
  3. https://www.proofpoint.com/sites/default/files/gtd-pfpt-au-tr-state-of-the-phish-2020-a4_final.pdf
  4. https://www.accenture.com/_acnmedia/pdf-96/accenture-2019-cost-of-cybercrime-study-final.pdf
  5. https://www.cyber.gov.au/acsc/report/are-you-a-victim-of-cybercrime

Related articles

6th December, 2023 | Stephen Ellis

How to deliver modern customer experiences with legacy finance platforms

Financial service providers are wedged between yesterday and tomorrow. While traditional systems still power core solutions (and will for some time), today’s customers expect personalised, real-time service delivery across any channel. How do you bridge the gap without reinventing the wheel?
4 minutes
21st November, 2023 | Dan Weis

From static reports to remediation: the journey to next-level cybersecurity

Our rigorous penetration test reporting is just the beginning. We understand that for most organisations, the real challenge begins with turning those findings into tangible security improvements. That's why we've introduced an intuitive, interactive Penetration Testing Reporting portal that allows you to seamlessly manage your vulnerabilities in a central location for multiple stakeholders to action accordingly.
5 minutes
20th November, 2023 | Janniek Starren

How Teams proliferation exposes you to security and compliance risks

Remember that cross-functional team that ran the big product launch in 2022? No, neither do I. But it still exists online, complete with sensitive financial documents, third-party access, and private discussions about competitors. Did anyone lock the door on the way out?!?   The recent rush to remote and hybrid work has created a flurry […]
5 minutes

Whitepaper

Expert strategies for tackling 2021’s cyber security norms

nexon-cybersecurity-ebook@1x 1