When reference is made to cybersecurity incidents, much of the focus remains on the overall monetary losses. Typically a general statistical figure is used (usually in the hundreds of millions) which represents the financial impact of data breaches across the globe. The problem with these facts and financial figures is that it can be difficult to apply them to one’s own business, which unfortunately leaves many companies vulnerable to continued attacks and at a much greater risk of becoming a victim.
Thankfully, Cisco recently released its Annual Cybersecurity Report, which delves much deeper to reveal the impact that a data breach from different angles; namely from the perspective of how many customers the average business is likely to lose as the result of a security compromise. The following eye-opening stats can help bring the real and growing risk of cyber-attacks into better focus and demonstrate the critical importance of implementing a strong incident response strategy.
Consider for a moment that, according to the report, 50% of organizations that have experienced a cybersecurity breach in just the year 2016 alone faced a backlash of public scrutiny and more than 1/3 of them reported that scrutiny resulted in a hit to customer retention. As a result of losing customer trust and subsequent business, these companies realized a revenue loss of more than 20%. Additionally, the report also revealed that some 23% of organizations facing a security breach lost out on future business opportunities.
Often times it’s difficult – especially for smaller to mid-sized companies – to visualize what portion of the astronomical dollar amount that is discussed in relation to security breaches. It seems almost far-fetched to some degree. But when you think about it in terms of how many actual customers your business could potentially lose as the result of inadequate cybersecurity measures, it comes into focus.
This is important to point out because, in reality, no organization is safe from hackers. In fact, more and more cyber criminals are actually targeting smaller businesses because they feel there is a greater likelihood of success. By drilling down to reveal statistics that can be applied to companies of every size and industry, the real risks and subsequent costs of cybersecurity breaches becomes much clearer.
So, what’s the solution? Well, the first step is developing a strategy that covers all of your bases. Many businesses suffer the consequences of a successful attack not because the incident occurred, but because of the amount of time it took to finally identify and address the problem. Cisco’s report indicates that only 56% of cybersecurity alerts are actually investigated. Furthermore, less than half of legitimate incidents are properly remediated.
The problem many organizations face, and the reason these numbers continue to come in at alarming levels, is because of the gap that exists between the frequency and complexity of attacks and the skilled staff to handle them. This is where technology can truly be the differentiator. To give your business the best chance at avoiding a costly breach, there must be a closed-loop process in place that will serve to monitor all incoming alerts and automatically either remediate or escalate to the appropriate party for attention. This type of automated cybersecurity incident response serves to bridge the skills gap while simultaneously addressing the ever-evolving threat environment.
The good news is of the nearly 3,000 chief security officers and security operations leaders from 13 countries surveyed, 90% said they were actively improving on their threat defense processes and technologies.