Cybercrime is now a trillion-dollar cost to the global economy, according to a new report from cybersecurity firm McAfee.
The Hidden Costs of Cybercrime report states that costs have risen (opens in new tab)50 percent, compared to 2018 when they were estimated at $600 billion. Further, many of the impacts of cybercrime, albeit significant, remain unseen.
Losing money and intellectual property remain the biggest threats and are among the most damaging effects of a cyberattack, but the report argues that company performance, which suffers significantly as a result, is one of the most overlooked costs of a breach.
System downtime, for example, is a common occurrence for affected businesses, with the average cost to organizations from their longest amount of downtime in 2019 sitting at $762,231. More than a third (35 percent) of survey respondents stated IT security incident resulting in system downtime cost them between $100,000 and $500,000.
Reduced efficiency is also an important factor, the report further states, claiming that businesses lose up to nine hours a week because of disruptions. The average interruption to operations was 18 hours, it was found.
There are also costs to responding to, and reporting, an incident (opens in new tab). On average, it takes businesses 19 hours to move from discovery to remediation.
And finally, there is brand and reputational damage that is quite difficulty to quantify. Businesses have had to work with outside consultancies to mitigate brand damage, and hire new employees to prevent such occurrences in the future - all of which adds up.
“The severity and frequency of cyberattacks on businesses continues to rise as techniques evolve, new technologies broaden the threat surface, and the nature of work expands into home and remote environments,” said Steve Grobman, SVP and CTO at McAfee.
“While industry and government are aware of the financial and national security implications of cyber-attacks, unplanned downtime, the cost of investigating breaches and disruption to productivity represent less appreciated high impact costs. We need a greater understanding of the comprehensive impact of cyber risk and effective plans in place to respond and prevent cyber incidents given the 100s of billions of dollars of global financial impact.”