Average Cyberattack Cost Tops $1 Million: What It Means for MSPs
A staggering one in three respondents don't have a cybersecurity emergency-response plan in place.
February 1, 2019
It’s now more costly than ever to be without adequate cyber protection. A new report by Radware shows that the average cost of a cyberattack now exceeds $1 million.
$1 million.
This is a rather high price tag, for small business and enterprise organizations alike, and the impact goes deeper than money. The level of attacks and the outrageous accompanying cost make it extremely difficult for businesses to recover.
Radware’s 2018-2019 Global Application and Network Security Report notes that the top impact of cyberattacks is operational/productivity loss (54 percent), with negative customer experience (43 percent) coming in close on its heels. What’s more, 45 percent of those surveyed said the goal of the attacks they suffered was service disruption. Thirty-five percent said the goal was data theft.
“While threat actors only have to be successful once, organizations must be successful in their attack mitigation 100 percent of the time,” said Anna Convery-Pelletier, chief marketing officer for Radware. “A cyberattack resulting in service disruption or a breach can have devastating business impacts. In either case, you are left with an erosion of trust between a brand and its constituency.”
It’s a vicious cycle. As the number of organizations under attack rises, so does the cost of attack mitigation. Most organizations can say they’ve have experienced some sort of attack within the course of a year, with only 7 percent of respondents claiming not to have experienced an attack at all. Twenty-one percent reported daily attacks, which is a significant hike from 13 percent in 2018.
It’s not just the frequency of attacks either; they’re becoming more ferocious and effective. More than three in four (78 percent) respondents hit by a cyberattack experienced service degradation — or worse, a complete outage.
Even with these rising numbers, a staggering one in three (34 percent) respondents don’t have a cybersecurity emergency-response plan in place.
It’s easy and even a bit cliché at this point to say that organizations must be primed and ready to be successful in their attack defense. Of course they should be. But the twist for MSPs is that they have to be right all of the time, for each customer network. So what’s the answer?
OneAffiniti, the channel partner-marketing company, recently surveyed small to medium-size businesses in the U.S., asking for their use of certain technologies now and within the next 12 months. Advanced security was the No. 1 priority for businesses investing within that time frame. It suggests that cybersecurity is a constant struggle for most businesses, and that the need to invest in newer, more advanced and (hopefully) more effective systems is effectively endless.
OneAffiniti’s Chris Jowsey
“The nature of IT security is changing, from a technology-only play to a more holistic approach, incorporating business processes and staff,” said OneAffiniti CMO Chris Jowsey. “The challenge for partners then is being able to offer both the technical support and business/people process changes required to successfully mitigate attacks.”
Needless to say, this puts MSPs under an unbelievable amount of pressure. When you have customers asking the tough questions like, “How are you going to ensure this doesn’t happen to me?” how do you answer confidently?
“The issue of security is that …
… it cuts into two dimensions in how it affects a business — that are very different than traditional IT services,” said Continuum CEO Michael George.
“MSPs need to have the ability to immediately detect and respond to a threat, while also having an integrated backup and disaster-recovery solution. You could go to a customer and say, ‘I can thwart 99 percent of the problems, but 1 percent is bound to get through, and when it does, I have you covered with backup.’ MSPs need to account for that dimension of immediacy to be effective, and if they have that coupled with backup, they have a solid security solution.”
There could be any number of answers here. Standardization? Requiring a certain level of tools and policies before taking on a customer? We have entered a new dimension, that’s for certain. Security and the constant threat and expense of cyberattacks are bringing these sorts of questions to light in ways they never have before. It’s time to halt the climbing costs.
Read more about:
MSPsAbout the Author
You May Also Like