Cyber Attacks Can Halt Your Business Operations
When a cyber attack occurs some of the most costly aspects are rarely at the forefront of companies' minds. Often overlooked is business interruption. Companies first think of the possible cost of a ransom demand, the expense to notify individuals, or the lost funds from a fraudulent funds transfer. One of the largest expenses can be lost income, the inability to accept payments, and downtime from the interruption of your daily business operations.
Business classes with the highest business interruption impact include manufacturing, retail sales, or general service industries with high volume transactions. Some reports indicate that business interruption can actually be 5-10 times the amount of a ransomware demand when you account for downtimes including the inability to perform day to day operations, labor production and lost income.
Think of a ransomware attack that locks up a manufacturers operations for 7 days. If they average $100MM per year in total sales with a profit margin of 15%, a 7 day breach could amount to $500-$1MM in lost income. The time it takes to negotiate with the ransomware thief and execute the decryption code is very time consuming and the hacker is typically on the other side of the world. Then hope that they actually unlock your systems after you pay.
Another thing to consider is that most ransoms are paid via Bitcoin which slows the process down even further. How many companies keep bitcoin on hand? The process of obtaining funds, engaging with a cryptocurrency exchange, paying the demand, and unlocking systems can takes days or weeks. Multiple reports indicate that the average downtime is 7-10 days per ransomware incident.
Ransomware is the most well know cause of Business interruption but any kind of breach or security event can lead to downtime and expensive and untimely interruption of your business.
If any kind of malware is placed in a companies infrastructure the IT department often needs to shut down access to critical systems to mitigate an attack and for isolate it's exposure. This results in downtime and lost income. Even if a threat actor simply gains access to a system, forensics firms often need to assess the damage and investigate the cause before the systems can become fully operational again.
Business interruption is just one component of real breach costs and should be a significant factor when determining the purchase of limits and coverage. Securing appropriate cyber insurance can help protect your business from BI losses and transfer these financial obligations from your bottom line to insurance carriers.