In the midst of the biggest cost-of-living crisis in decades, the looming threat of recession, and an unprecedented energy crisis, organisations of all sizes are trying to find ways of cutting costs and saving money.
While there are any number of measures organisations can take on that front – from relatively small ones such as asking people to work from home to save on energy to more drastic measures such as layoffs – the impact they have is variable at best.
One measure that consistently saves organisations money, however, is investing in a proper cybersecurity solution,JP Perez-Etchegoyen, CTO, Onapsistells Digital Journal.
In some ways, that might seem counterintuitive, explains Perez-Etchegoyen. By this, he means cybersecurity appearing as an “additional cost that the organisation might not otherwise have to deal with.”
He counters this by stating, “It really is an investment that can pay off in a big way. That’s because the best cybersecurity solutions not only protect organisations from the threat of cyber attacks but also help mitigate their damage when they do occur.”
Perez-Etchegoyen adds: “Ironically, the self-same economic pressures that are forcing organisations to look at ways of cutting costs are also making having a proper cybersecurity solution more important than ever.”
A cost-of-living spike in cybercrime
That’s because the cost-of-living crisis has resulted in a fresh spike in cybercrimes. For example, in the two weeks leading up to August 2022, the National Cyber Security Centre received more than 1500 reports about scam “phishing” emails pretending to be about energy rebates from Ofgem.
As Perez-Etchegoyen notes, this is just one example of the kind of attack that cybercriminals are using. There are many others too. This comes in the context where many organisations are under pressure and trying to reduce cost pressures. In these circumstances such “social engineering” style attacks are more likely to succeed and result in a breach.
It should hardly be surprising, Perez-Etchegoyen explains, that recently released official statistics show that some 81 percentof UK organisations experienced at least one successful cyberattack in 2022. On top of that, 83% believe that a cyberattack is more likely in the coming 12 months.
Additionally, as predicted by PaloAlto Unit42, this year, more people will turn to cybercrime for financial gain, easy-to-access tools will become more widely available and vulnerabilities will be easier to exploit. The intersection of these factors will eventually lead to more cybersecurity incidents.
The cost of cybercrime
Those attacks can cost organisations serious amounts of money says Perez-Etchegoyen, noting: “According to IBM, the average cost of a data breach in the UK in 2022 was US$5.05 million, placing it among the five most expensive countries for a breach globally. That’s to say nothing of the long-term damage that a breach can do to a company’s trust and reputation.”
The risks are clear: “Even the disruption to normal business operations can be devastating. Think about it: could your organisation afford the 22 days it takes, on average, to get back up to full steam in the wake of a breach? This effect may be magnified even further if the breach hits your business-critical applications. Small wonder then that half of small businesses affected by a cyber attack go under within six months.”
Perez-Etchegoyen adds: “It’s also worth bearing in mind that, given the percentage of UK businesses that fell victim to a cyberattack in 2022, cyberattacks should be treated as something that will happen, rather than something that might.”
Investing in the right cybersecurity solution
That makes investing in the right cybersecurity solution even more important, surmises Perez-Etchegoyen. He unpicks the following: “While it might seem like a major expense now, the cost of mitigation and recovery is likely to far outweigh any up-front costs for technical controls and expertise.”
Perez-Etchegoyen continues:
“A good cybersecurity solution won’t just alert you to new threats and actively work to protect you from them, it’ll also ensure that you’re in the best possible position to proactively respond in the event of a breach. The faster and more efficiently you’re able to do so, the smaller the impact of the breach will be.
Moreover, it’ll continually identify, evaluate, treat, and report on your organisation’s software and network vulnerabilities. Ideally, it should start by identifying and addressing known vulnerabilities. Cybercriminals are constantly on the lookout for ways into an organisation and failing to address vulnerabilities is as good as leaving a door or window open for them.”
A small hit can help you avoid a big one
Perez-Etchegoyen‘s closing thoughts are: “Ultimately, it should be clear that cybercrime attacks aren’t going to fall anytime soon. They’re also not going to get less expensive to recover from. As such, even businesses that are desperately looking for ways to cut back on costs should consider investing in a good cybersecurity solution a non-negotiable.”