The Unexpected Costs of Cyber-Attacks (and How to Prevent Them)

If you are reading this, you are probably anxious about cybercrime.

For good reason, too. The recent reports are particularly troubling. Purplesecs’ annual review estimates that, due to the pandemic, cybercrime is up 600%. This is a continuation of an annual trend, with a Hiscox study showing that more than half UK firms reported a cyber-attack in 2019, which was a further 15% rise from 2018.

The targets? Well, while attacks on governments, large healthcare providers or JBS (the world’s largest meat supplier) make the news more often, overwhelmingly it is small businesses that suffer. 

The Cost

A recent poll of more than 500 business leaders discovered that nearly a quarter of UK SMEs would be likely go bust if they had to absorb the average cost of a cyber attack. Hiscox estimates that the average mean cost of a cyber attack on a small business in 2019 was £11,000! The total costs are forecasted to be $20 Billion by the end 2021.

This staggering figure includes a number of elements that you may not have considered when thinking of cyber attacks, such as:

• Ransom (Purplesec averages this at about $8,100 in 2020, though that figure is rising)
• Replacements for compromised hardware
• Downtime Costs (including wasted employee wages, lost business deals ect)

Though it is not an easy figure to estimate, you also have to consider the compromised trust with your clients. All in all, it’s a pretty scary world out there for a small company, but have no fear. There are ways to protect yourself.

Knowing your enemy

The first step to better protecting yourself is knowing what you’re protecting yourself from. It is estimated that 92% of malware is delivered by email. Only one machine needs to be infected in order for malware to infect your entire company. Suspicious websites can be gateways for so-called SQL attacks, which usually corrupt normal “Sign Up!” data entry fields.

In the short-term, employee cybersecurity training can protect you in many of these instances. Make sure that your employees know to

1. Avoid suspicious links (Especially in emails or SMS)
2. Report any phishing emails they receive
3. Lock any laptops or computers when they are not at their desks (in case of theft, but also to prevent GDPR breaches)
4. Never share passwords, and make strong ones. No repeats!
5. Never, ever put information into a site they don’t trust

Also, keep all your software up to date. Though many attacks happen on completely up-to-date systems, many of the larger hacks in recent years – like the Republic of Ireland’s health service – were caused by out-of-date software.

The Long Game

Ultimately, keeping an entire business in one physical space is just a massive risk. If you run your company on spreadsheets and internal networks, it only takes one compromised machine to expose all of your data.

Using a cloud based system solves this problem instantly.

Taking the Zoho system as an example in this instance, they employ a number of key techniques to keep key data secure.

• Network Redundancy. This means that if one piece of the network goes down, or is otherwise compromised, it can be separated from the rest. This stops viruses from spreading through the whole system and makes outages a thing of the past.
• Data isolation. No data is stored in the same place as anyone else’s. So, even though Zoho has thousands of customers, a breach in another company’s systems will never affect yours. Also, if you choose to stop using Zoho for any reason, all of your data is purged from their archives. Your data stays with you.
• Fully Monitored Systems. It’s an easy benefit to overlook, but there is a lot to be said for someone actively managing the firewalls. On top of that, email malware and spam protection are all managed for you, minimising risk.

The takeaway is this: if you want to keep all your data safe, and you don’t have the budget for a massive internal security team, you can’t protect it on your own. You need a well-built cloud system that can help you defend against cyber-attacks and we’re just the people to help.

Here at A2Z Cloud, we have been finding cloud solutions for business for over 10 years. We tailor bespoke cloud systems built entirely around your needs and we would be more than happy to answer any questions you might have.