You insure your company against loss. You license your company so as to protect your personal assets. You even pay into a system that protects your workers. Yet if you’re not protecting your company and educating your employees about the dangers of ransomware, you could be placing its very existence at risk.
It’s estimated that 80% of ransomware attacks are due to human error in opening a bad file or link, or not having up-to-date patches applied to software. And with employees accessing the network with their own unprotected devices, your business may be more exposed than you think.
There are a number of costs associated with ransomware; the lowest of that usually being the actual extortion money demanded by the cyber criminals. That is inconvenient and annoying, and certainly not budgeted for, but there are far greater costs at stake.
Costs of Ransomware Infection
As mentioned above the initial cost will be paying the ransom. This can be anything from a few hundred dollars to a few thousand. According to the Institute for Critical Infrastructure Technology the average request is $300. But if that sounds like small numbers know that the FBI estimated Cryptowall alone (a type of ransomware) drained 992 people of $18 million in June 2015. In February of 2016, Los Angeles Hospital alone paid $17,000 to recover their email systems and patient files.
If you have periodic backups, you may be able to avoid paying the criminals but to do so you must have a firm understanding of how long you can be offline and what you can afford to recreate/lose. Even if you perform daily backups, you will need some amount of time to restore the data online. During that time, you’ll have to be offline. Only you can calculate how much being offline costs your business. According to the Ponemon Institute, the average cost of a business being offline is nearly $8000 per minute. At those rates, even restoring from a daily backup becomes costly quickly.
Costs of Recovery or Reconstruction
One thing that is beyond price is your company’s reputation for keeping its files secure. Once customers know their private information has been exposed to cyber criminals, they will be slow to forgive. They may decide to move their business entirely.
The hardest part of recovering from a ransomware attack is not the damage done to your budget because of the criminal’s demands. It’s the loss of reputation and clients taking their business elsewhere because they can no longer trust your security practices.
Ransomware can also affect employee files and they too will feel disappointed in your security efforts.
With ransomware, once you have it, it’s too late. Your best guard against a data breach that causes a loss of customers, your reputation, and thousands of dollars in restoration time and money, is to keep backups of your files and work with a managed IT company to ensure best practices are followed and your cyber security is iron-clad.
Don’t regret. Protect. Call CIO Tech today at 813-649-7762.
Sources:
https://www.allcovered.com/content/content/231/march_2016_security_awareness_ransomware.pdf