The Cost of Cyber Security
The Finance Director’s Handbook
Tom Davies, Finance Director at CyberLab, reviews the cost of cyber security and why it should be a priority for CFOs and Finance Directors. He covers:
- The Cost of a Cyber Incident
- What’s the cost-effective solution
- Cyber Security Support
Cyber criminals are constantly scanning the internet for vulnerable targets and businesses are often lucrative targets for cyber criminals. The UK Gov Cyber Breaches Survey for 2023 found that 32% of businesses and 24% of charities overall recall any breaches or attacks from the last 12 months. However, this is much higher for medium businesses (59%) and large businesses (69%).
The Cost of A Cyber Incident
Underinvestment in Cyber Security could result in a breach that risks the future of your business. The average downtime from ransomware is up 53% in the last 12 months to 19 days. What would the impact be to your business if your systems were offline for 19 days?
Another cost to consider is that of potential fines. If material data breaches do occur, organisations are likely to be hit by fines from the ICO which can be issued up to £17.5m or 4% of turnover, whichever is higher.
It’s not just the financial impact of a breach that organisations need to consider. Many organisations experience long term brand damage after a cyber incident. According to research by Varonis, as few as 6% of consumers will still purchase from a business following a data breach.
The Rising Cost of Cyber Insurance
Cyber insurance will help pay for financial losses that you may incur in the event of a ransomware attack or data breach. It also helps cover costs relating to the remediation process, such as paying for the investigation, crisis communication, legal services, and refunds to customers.
The cyber threat landscape continues to evolve, and the number of insurance claims continues to increase which is driven by the increasing threat of attack, in addition to attacks becoming more sophisticated which is resulting in increased downtime when breaches do occur.
The Cyber Insurance market has seen two-year premium increases over 260%, however, investing in the right solutions will likely reduce insurance premiums for your organisation and enhance your cyber security protection at the same time.
What is the most cost-effective solution for your business?
Outsourced support vs in-house
For enterprise level organisations, in-house cyber teams are a cost viable option, but many organisations are finding it difficult to attract and retain the talent required to support an in-house cyber team.
Retaining quality talent is crucial which is highlighted by the fact that 83% of organisations that experienced a ransomware attack had received warning signs from their cyber protection systems that had not been acted on. Smaller organisations will likely benefit from products such as Sophos MDR Complete which offers an outsourced cyber protection solution and 24/7 cover.
Multiyear licensing versus monthly subscription
How to fund your cyber protection is another key consideration depending on your current cashflows. For Enterprise level organisations, discounts can be attained by entering into multi-year licensing deals, but these are payable up front. For organisations looking to protect their cashflow, a number of monthly subscription models are also available in the market, but these will likely command a higher price over the full term of the deal.
Are you sufficiently protected?
CyberLab security support services are designed to complement your organisation’s in-house IT skills, ensuring your data is protected and security risk is reduced.
- Experienced Security Team – Working alongside the leaders in the industry, CyberLab is trusted to deliver the highest standards of service. Our ISO 27001 and Cyber Essentials Plus certification ensures your IT infrastructure is supported by experts.
- Reduced Costs – We’ll manage and maintain your infrastructure and services and ensure your systems are protected. CyberLab ensure that you’re getting the optimum service for your budget and requirements.
- Best Security Practices – Demonstrate compliance and protect your endpoints, devices, servers and software. We offer simple and quick implementation process and our team ensure your organisation and your data are secure.
Cyber Security Health Check
CyberLab provides free cyber security assessments which assess the level of your organisations protection against UK government guidelines. A cyber security posture assessment is a check-up for your business’s cyber health and is a crucial step towards protecting your business.
The assessment involves answering a series of questions designed to determine how prepared your business is to defend against cyber threats.
Detect. Protect. Support.
Understand your security risks and how to fix them.
Take the first step to improving your cyber security posture, looking at ten key areas you and your organisation should focus on, backed by NCSC guidance.