In excess of 90 percent of enterprises round the world have testified attacks on their systems over the preceding twelve months. In several countries, attacks on Top corporations, in particular, are grabbing the ink of the headlines. Nevertheless, even minor companies and online vendors are popular targets for cybercriminals. In such cases, these attacks centre predominantly on the theft of intellectual property, or blackmail, with companies being forced to pay up or go out of business. A secure IT structure is, consequently, vital in shielding both your treasured data and your business.
In line with the contemporary analysis, small and medium-sized companies make for particularly common attack targets for the barrio of online criminals because of their ideas and innovations. Data loss, followed by security gaps in technology, downtime and corporate espionage aren’t just expensive; they can also threaten the very existence of SMEs, with targeted attacks of this kind bringing about very peak damages.
Consistent with a survey carried out by market research company B2B International as part of its “Global Corporate IT Security Risks: 2013” study on behalf of security provider Kaspersky Lab, small and medium-sized companies found themselves with average damages of 70,000 euros as a result of targeted attacks. This encompassed 55,000 euros in direct costs to plug data leaks, legal costs, lost profits and costs occasioning from interludes or precincts to business. An auxiliary 15,000 euros are required for preventive measures, like investments in hardware and software, training, and other methods premeditated to preclude comparable manifestations in the upcoming.
Fiscal Indemnities— With the Proverbial Writing on the wall reading, thus: The Sky’s the Limit
In paramount corporations, direct damages sustained owing to cyber-attacks cost, on average, a good 1.6 million euros. A supplementary 170,000 euros are expended on follow-up activities. The damages incurred vary not just due to the size of the organization, but also due to the industry and business archetype.
In this eon of e-business and e-commerce, voluminous corporations are open round the clock. If a cyber-attack causes system downtime in a company in which IT not only backs business progressions, but quintessentially reins them, a total collapse can transpire: production and delivery come to a standstill, goods don‘t leave the warehouse, customers can’t order or pay. The costs for missed working hours – which show a discrepancy by hourly rate and number of employees affected – are just a rough initial point for the damage caused.
Further cost dynamics takes account of reputational damage, angry customers and contractual penalties for late deliveries—something that is not infrequent in the automotive industry. “In industries in which the entire business model relies on IT, system outages can be incredibly expensive,” expounds Kaspersky Lab experts.
In keeping with calculations via the US market research company Contingency Research, the costs of idle time triggered by a Distributed Denial of Service Attack (DDoS) to a major online store, for a case in point, are above 100,000 dollars an hour. For a banking data centre, the per-hour figure can read at 2.5 million dollars while, for an online brokerage firm, it can be as copious as 6.5 million dollars per hour.
In a study carried out for HP by market researchers Techconsult, connoisseurs calculated the ship-shape sum of 25,000 euros per hour of downtime for business-critical systems in German SMEs. The revision also showed that the amount of damages varied in relation to the size of the company affected: while companies with less than 500 employees suffered damages of only around 20,000 euros per hour of downtime, the figure for companies with more than 1,000 employees was around 40,000 euros per hour.
In Emphasis: Assaults on Networks
According to Kaspersky Lab, targeted attacks do the utmost damage. They are, conversely, by no means the most joint threat to companies. As stated by the study, just five percent of cyber-attacks reported in Germany are beleaguered ones, while 25 percent takes in hacking corporate networks. This sort of attack can also have tremendous financial consequences: major corporations report an average of 1.3 million euros in financial damages. For SMEs, the figure stands at an average of 55,000 euros.
Threats are not at all times external, though. Corporate data can also be susceptible to security breaches from inside. According to the study, one in five companies has to deal with internal data leaks, for instance through employees sending emails containing confidential or sensitive information. The security vulnerabilities initiated by the use of mobile end devices—keyword ByoD—also pose a tremendous challenge to companies.
On the word of Kaspersky Lab, vulnerabilities in corporate software are, at 39 percent, the primary cause of cyber-attacks. It goes by without saying that; if these vulnerabilities are discovered and exploited by criminals, the costs to major corporations can be as good half-million euros. Small and medium-sized companies are affected, on average, to the tune of 46,000 euros.
How can Companies Protect Themselves?
As besieged attacks are perpetrated against corporations by cybercriminals and are prudently and skillfully engineered, conventional antivirus software alone is insufficient. As an alternative, far-reaching proactive measures are necessary. Here are five tips from the Kaspersky specialists:
1. Invest in security—and thus in the future of your company. “Investing in security solutions is considerably cheaper than losing business through attacks, or paying PR companies to repair a damaged reputation,” elucidates Kaspersky Lab experts.
2. Use professional security solutions. Cybercriminals are professionals, too. They invest a great deal of money and time in developing and distributing viruses, Trojans and spyware. According to Kaspersky Lab, over 200,000 new malware samples appear every day. Therefore it’s very important for small sized companies to install a security solution and be safe and secure. In general the new third version of Kaspersky Small Office Security helps a business owner with just basic computer literacy to centrally manage the entire infrastructure of the company like setting each employee’s individual permissions and access restrictions to internal resources and specific sites or whole categories of web sites (e.g., social networks, etc.). You can also remotely adjust security settings for each computer or mobile device used in the company. There are up to 25 Small Office Security licenses available for every business, and each license covers both a PC (on Windows) and a mobile device (on Android). As a result, the 10 licenses de facto provide protection for twenty user devices. Its key solution includes new features such as, Safe Money to Protect Online Banking , Enhanced Mobile Device Support, Automatic Exploit Prevention, Password Manager, Online Backup along with Web Policy Management, Data Encryption and File Backup, Central Management that help small businesses stay ahead of modern security challenges.
3. Control mobile devices. Using mobile end devices poses a tremendous risk. If a company allows its employees to use such devices, these should be centrally managed, controlled and protected.
4. Create security guidelines and train your employees. Without systematic security guidelines, the situation is chaotic. And employees often (unwittingly) act as accomplices to cybercriminals. In order to prevent this, they should have the risks explained to them, be appropriately trained and be required to follow regulations.
5. Think holistically. The range of corporate IT threats is a wide one, and there is no proverbial “silver bullet” solution at the offing; which protects against everything. Innovative software can provide tremendous security—“but remain alert!”