The Hidden Costs Of Cyberattacks

Cyberattacks can have many effects on an organization. The impact will vary depending upon the severity and nature of the incident.

However, common perceptions are shaped largely by what companies must report publicly, namely theft of personally identifiable information (PII), personal payment data and personal health information. The cost of customer notification, credit monitoring and legal penalties are the most common topics. The industry has made significant progress in this area and is now able to agree on the “cost per record” calculation for data breaches by consumers.

However, cases of intellectual property theft, espionage and data destruction, attacks upon core operations, and attempts to disable critical infrastructure are rarely brought to the public’s attention. These attacks can have a far greater impact on organizations than what is visible. They also result in additional costs that are often harder to quantify and hidden from the public. Deloitte Advisory’s new study “Beyond the surface of a Cyberattack: A deeper Look at Business Impacts” recently highlighted the extent and duration of cyberattacks in financial terms. CFO Insights will concentrate on the seven costs that may not be obvious and why they are important to consider when trying to determine the total cost.

Below the surface costs

The cyber report revealed 14 business effects of cyber incidents as they unfold over a five year incident response process. There were seven direct and seven hidden costs. Different financial modeling techniques were used for the intangible cost estimates (see “Assigning value and intangible losses”) Research showed that data breaches are more costly than their “hidden” counterparts. They accounted for less that 5 percent of the total business effect in Deloitte scenarios.

Cyberattacks hidden costs are important to CFOs because of their impact.

Increases in insurance premiums Cyber incident-related premium increases can lead to an increase in insurance premiums. Unfortunately, there is not much information available about actual premium increases after cybersecurity attacks. Deloitte did informal research among cyber insurance providers and found that policyholders can face a 200% increase in premiums or even be denied coverage until strict conditions are met. * Our sources say that future costs can be affected by factors such as the willingness and depth of information given by policyholders upon reviewing the incident, the plan of the policyholder to improve incident handling and other aspects of its security program, anticipated litigation, and assumptions about the company’s cybersecurity maturity.

Costs to raise debt are rising. An increase in the cost of raising debt is caused by a decrease in credit ratings. The victim organization will be charged higher interest rates when borrowing capital. This could happen when they are trying to raise new debt or restructure existing debt. In the months after a cyber attack, organizations are perceived as more risky borrowers. Deloitte compared the credit ratings of nine companies from the same industry, which were all comparable in size, and found that the average Standard & Poor’s credit rating was A. These companies were also compared to companies that had suffered a cyber attack. In the short-term, credit-rating agencies tend to downgrade one-level companies who have suffered a cyber attack.

Operational disruption and destruction. Operational disruption or destruction is a variable cost category. It includes costs related to the alteration or manipulation of usual business operations as well as costs linked to rebuilding operational capacities. This could be the need to fix equipment or facilities, create temporary infrastructure, divert resources, or increase existing resources to support other business operations that replace those temporarily disabled. This could include the loss of goods and services. Each situation is unique and therefore requires a detailed understanding of many information components.

Customer relationships are lost value. It can be difficult to quantify the number of customers lost during the initial period following a breach. Marketing teams and economists approach this problem by assigning a value to each customer or member in order to determine how much investment the business needs to acquire them. Then they look at the revenue this customer or member is likely to generate over time for the business. These numbers can be compared by industry to determine how much investment is required to acquire and attract new customers.

The value of the lost revenue from contracts. The value of the lost contract revenue will include the revenue, lost chances, and ultimate income loss, linked with contracts ended due to a cyber attack. Deloitte calculated the value of test cases to determine the financial impact of lost premiums or contracts before and after the cyberattack. It was assumed that the company would lose revenues if it suffered a cyberattack. The present value, which is an estimate of future income streams in dollar terms. Since one could earn interest on the dollar received today, a dollar today would be worth more than a dollar in future dollars), of cash flows that the company would generate over the term of these contracts was then determined.

Trade name devaluation. The devaluation of trade names is an intangible category that refers to the decrease in value of symbols, names, and marks used by organizations to differentiate their products and services. A brand name refers to a company or product name, while a trade name refers to the entire organization. The likely value of a trade name before and after a cyber attack must be evaluated to determine its financial impact on a company’s business name. Deloitte used the relief-from–royalty method to value the trade name. Commonly used to value IP assets like trade names, the relief-from-royalty approach estimates the value by analyzing the price another entity would pay to license the company’s trade name. Deloitte used the actual royalties or rates that were paid in royalty transactions for similar IP types to establish a reasonable royalty fee. Profit margins across industries were also examined to determine how much a typical company would be able to pay.

Intellectual property loss. The loss of intellectual property (IP) is an intangible expense that results from losing exclusive control over trade secrets and copyrights, investment strategies, and other proprietary or confidential information. This can cause a loss of competitive advantage and revenue loss, as well as lasting and possibly irreparable economic damages to the company. IP includes, but is not limited to, patents and designs, copyrights trademarks and trade secrets. Trade secrets, unlike other IP types, are indefinitely protected until they are publicly disclosed. The value of IP can be approximated by estimating how much another party would pay for it to be licensed.

A fuller cost picture

Despite all the media attention given to major data breaches, business leaders, including CFOs rarely see the reality behind an organization’s efforts to recover from it. Cyber incidents are not just a technical issue. They often impact business value and performance, and go beyond technology. You can also see the subtler effects of cyber incidents.

Multidisciplinary approaches are required to understand the more subtle effects of cyberattacks on computer security. This requires deep understanding of cyber incidents, as well as financial quantification, valuation techniques, business context, and financial quantification. Leaders can improve their ability to recover from cyberattacks and manage cyber risk by having a better understanding of all the possible business effects, including the seven described here.

Call SpartanTec, Inc. now if you need help in protecting your information against online threats.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
http://manageditserviceswilmington.com

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence, Charleston

Three Best Practices to Prevent Cyber Attacks

Cyber attacks are getting more sophisticated and larger-scale. These include data theft, corporate spying and infiltration of industrial controls that disrupt manufacturing. Cybercrime is increasing in global scale.

Accenture reported recently that cybercrime has cost organizations an additional $1.4 million to $13million in 2018. It is better to prevent data breaches than respond when it’s too late.

Many companies now have a standard operating procedure to encourage proactive cyber attack prevention. Cyber attacks should be treated as a matter of when, where, and how. Security experts are well aware of this fact. What are the best practices for implementing a cyber security strategy across an organization?

How to Thwart Cyber Attacks

These best practices will allow you to think holistically and hopefully improve your cybersecurity awareness. These best practices will help you to stay ahead of any attack or data breach, as well as cybersecurity incidents.

1. Top-down policies can be used to improve security.

Policies must support best practices. Corporate governance must include cyber security. This requires buy-in from the top management, adequate funding for security hardware, training, and funding for external security services. All stakeholders should be given roles and responsibilities in the policy-making process. This chain should include IT leaders as well as corporate leaders.

Security is more than a cost. Management must realize this. Cybersecurity can be used for preventing losses and supporting new business opportunities. This can be achieved through improved customer trust, stronger supplier relationships, explorations of new revenue streams and better risk management with regard to potential acquisitions and divestments.

Senior managers and managed IT specialists should regularly conduct cost-benefit analyses for cyber security across all business units and functions. To determine the most cost-effective allocation, it is possible to use location inventory and data asset inventory. A million dollars might be too much for a business unit that has a $500,000 profit margin. These cost-benefit analysis are useful for determining growth strategies or cost projections.

Similar to the previous, IT-specific policies can be better informed by keeping an updated, detailed map of the organization’s overall cybersecurity architecture. This could include analyzing the organization’s attack surface, both internally and externally. This includes identifying potential risk areas in current applications and then finding ways to reduce them, such as reducing code execution, reducing entry point for untrusted users or eliminating services that are only requested by a few users.

2. Methods to support IT teams from the bottom up

Cyberattacks can be prevented, limited, or mitigated using a variety of methods if policies are in place for cyber security. It is important to update, patch and upgrade software regularly. It is important to review security products policies regularly. Monitoring alerts and incident logs is also important.

Networks should be divided using well-maintained firewalls to prevent lateral infections. All systems should be checked for potential penetration on a regular basis.

Access management systems are vital. It is crucial to restrict software access and user privileges. Securely store sensitive credentials, including passwords and SSH keys, in a central vault. Rotate privileged credentials, isolate temporary employees’ sessions from privileged accounts, scan for former employees with orphan accounts that might still allow unauthorized access, periodically scan for new passwords, and automate the process of transferring them.

All staff, managers, and employees must be trained in cybersecurity. This includes security gaps in mobile devices, unsecured communication, and email phishing attacks. Employees should report any suspicious activity or email that may be a threat to the network security or system security.

3. You can take proactive steps to detect and respond to cyber-threats.

Proactive cyber security is the best approach. Malware can be a threat for days, months or even years as an Advanced Persistent Threat (APT). Even if you think your system is normal, it is a good idea to assume that malware was installed on your computer.

It is essential to implement a security solution that scans for malicious files (threats, vulnerabilities, and others) and allows users to respond and confirm that endpoints are safe. This must be done regularly, preferably automatically, and should be available at all times in dynamic cloud environments. It might be worth looking into incident response and detection tools, which combine deep analysis with forensics-based capabilities. These tools can be used for assessing the health of your endpoints and validating what is running in memory at any time.

You may believe it is impossible to stop a cyberattack. Cyberattacks can almost always be stopped by endpoint security tools like EDR software, next-generation antivirus apps, strict security guidelines and compliance guidelines, as well as hardware like firewalls and multi-factor authentication devices.

Cyber attacks can be stopped with the right technology and people.

Request a Cyber Security Compromise and IT Risk Assessment

SpartanTec, Inc. can help with the initial steps to improving your cyber defenses. Infocyte’s compromise assessment can be used to quickly and affordably assess your security status, identify hidden threats, vulnerabilities, and determine ways that you can improve your IT hygiene.

Call SpartanTec, Inc. now if you want to protect your business from cyber attackers. Let our team of IT experts help you bolster your cybersecurity measures.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
http://manageditserviceswilmington.com

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence