Cybersecurity is expensive for my company. Is it really so?

I have a company with 150 employees and an average turnover, why do I need cybersecurity? What can competitors or ill-wishers steal from me?

These and many other questions are often asked on cybersecurity forums. However, the world's leading companies and cybersecurity experts assure that it is indeed necessary to take care of cybersecurity, because today, due to a lack of understanding of the importance of this area of security, companies spend much more money on recovering from cyberattacks than on protecting their own cyberspace. Moreover, even small companies need to take care of cybersecurity to avoid becoming an attractive target for cybercriminals.

How can cybercriminals harm businesses?

There are many ways to harm your business, including: 

1. Deleting the site or blocking it. 

2. Loss of control over the website. In other words, attackers “take hostage” a domain, a trading platform and demand a ransom. 

3. Traffic hijacking. That is, competitors can install a redirect to your website and redirect users to their own Internet resource. 

4. Installing a viral code that will block your site when users go to it. 

5. Price and promotion hacking. This mostly concerns online stores. Attackers can influence the pricing policy without your knowledge and in the future block access to setting the prices of goods. 

6. Theft of customer personal data, as well as information about payment cards of counterparties.  

7. Encoding important data. By placing a virus, attackers can block access to the database and then demand money to recover the password. 

8. Mining. In other words, all of your server resources will be directed to meet the needs of the attackers. 

9. Using the site as a weapon. Attackers can upload a “sleeping virus” to your website, which, once activated, will start hacking third-party websites. 

As a result of such cyberattacks, companies will need a lot of time to resume their normal operations. This, in turn, will lead to stagnant productivity and, as a result, the loss of a considerable amount of money, resources, customers, and reputation.

What losses can a company incur due to malicious actions of cybercriminals? 

According to the statistics of the international company Cybersecurity Ventures, one cyberattack occurs every 14 seconds. In 2017, the IMF noted that the economic losses from the attack of the infamous NotPetya virus alone amounted to $850 million, and global cyberattacks cost $53 billion in total. 

In 2018, the IT community was lively discussing the story of a hack of a casino in Las Vegas using a smart aquarium. Attackers penetrated the local network of the gambling establishment through a wireless thermostat installed in the aquarium and appropriated the database of VIP players who usually place large bets. According to some assumptions, this valuable information could have been stolen at the request of competitors.

In 2017, Equifax reported that hackers had gained unauthorized access to information systems and stolen personal data of more than 140 million customers.

In Bangladesh, criminals attempted to steal $1 billion from an account at the Federal Reserve Bank of New York. Thanks to the active actions of specialists, the losses were minimized. Thus, the losses amounted to $101 million.

In 2018, cybercriminals sent phishing emails around the world. About 30 companies were affected by the massive cyberattack, and the cost of stolen data was estimated at $3.4 billion.

In addition to direct losses from cybercrime, a company may suffer other losses. For example, the U.S. Federal Trade Commission (FTC) imposed a $5 billion fine on Facebook for Cambridge Analytica gaining access to the personal data of 87 million users without their knowledge. 

According to the international company Cybersecurity Ventures, cyberattacks are one of the dominant risks to business growth. Moreover, experts estimate that in 2018, companies lost $6 trillion due to cyberattacks. Online payment fraud accounted for $22 billion. According to analytical forecasts by Cybersecurity Ventures, cybercrime will cost companies up to $6 trillion in 2021. These are impressive sums, aren't they? 

Global spending on cybersecurity by the world's leading companies has reached $1 trillion since 2017. This trend is driven by the danger and scale of cyberattacks. With this in mind, boards of directors, instead of investing in cyberspace protection, pay for a minimum package of services that will save their business. The most popular cybersecurity measures are: setting up a firewall and security protocol, installing staged protection on a domain, and round-the-clock monitoring to detect unauthorized access to networks as soon as possible.

How much does cybersecurity cost for a company?

In fact, you may be surprised, as basic website protection does not require a staff of professionals or a six-figure budget. You should start with a pentest and connect your company's resources to basic monitoring. 

According to cybersecurity experts, you can protect yourself from most cyberattacks with basic monitoring and protection, which includes: installing a Firewall, SSL certificate, and high-speed access to the site. Such a package of services in our company costs $99 per month.