As our world becomes increasingly hyper-connected, opportunities for innovation are virtually limitless. For example, the distributed processing power initiated by cloud computing has freed businesses to explore new opportunities that didn’t even exist just a few years ago.
However, with these new opportunities comes great risk. Known and emerging hacking groups, political protest movements, and even governments have become sources of cyber attacks that are being executed on a daily basis.
This article presents an overview of the basics every business owner should know about the evolving IT security threat ecosystem.
Why do they do it?
Psychological and sociological studies are just beginning to take shape around the relatively new area of deviance displayed by cyber-criminals. The goals of the various groups involved in cyber attacks can include a desire to embarrass or shame their targets, or a wish to diminish political stability. More business-specific goals include exposing or stealing intellectual property and trade secrets, harvesting sensitive data and personally identifiable information (PII), and disrupting critical business processes.
U.S. companies will spend more than $130 billion this year as a result of data breaches, up three-fold from just a few years ago. If your business is in the e-commerce sector, a severe attack can slow sales and prevent completed transactions entirely. Many companies do upwards of $100,000 of sales per minute, so imagine the damage done by an attack that lasts hours — or days.
Safeguarding a company’s information assets comes with a hefty price tag, too. The global market for network security (including VPNs, intrusion prevention and detection, firewalls, and unified threat management) reached $8.16 billion in 2011. Considering the recent wave of cyber attacks, it is clear we are not yet spending enough on network security.
Another business area that takes a major hit from a cyber attack is a company’s brand. The time, money, and effort you’ve put into building a trustworthy brand that reflects your company’s values can be damaged in a few moments by a faceless cyber attacker.
Some cyber attacks result in bad press, embarrassment, and a loss of credibility. When media outlets are attacked, accurate news reporting — and even the company’s reputation — can be compromised. Inserting false information on a website can create confusion and require downtime to remediate.
In short, a cyber attack can cost more than dollars and productivity. Brand equity, customer relationships, credibility, and ad impressions can all be damaged. In fact, reputational damage can be longer-lasting and more difficult to recover from than a one-time financial hit.
Impact on Adoption
Businesses aren’t the only victims of cyber attacks. In 2009, U.S. citizens lost more than $550 million to Internet fraud. As people conduct more of their business and personal lives online, their security concerns have a direct effect on shopping behaviors, information sharing, media consumption, application adoption, and other forms of business. Security concerns are often the greatest barrier to technology adoption as more people view the technological ecosystem as threatening.
Understanding the various ways a cyber attack can threaten your business is the first step toward creating your recovery plan. As you can see, the damage done by cyber-criminals goes well beyond the financial realm, and so should your plan.