What’s the biggest expense your business faces? Whether it’s rent, payroll, or something else, there’s one potentially huge cost many business owners don’t factor in until they’re facing it – the cost of recovering from a cyberattack.

A data breach, ransomware attack or other digital attack that knocks your website offline can cost your business anywhere from thousands to millions of dollars in remediation, lawsuits from customers and fines by regulators. These kinds of crimes are rampant and target businesses of all sizes. The problem is so severe and widespread that Cybersecurity Ventures projects that cyberattacks will cost organizations worldwide $6 trillion by 2021.

Many smaller businesses—about 60%–never recover from a cyberattack. So, protecting your website from cyberattacks is one of the most important and most cost-effective business decisions you can make. Exactly how cost-effective can this be for a business?

Continue reading to learn more about the top costs associated with website compromises that impact businesses of all sizes.

Cyberattacks disrupt and even destroy businesses

Maybe one of your employees clicks on a phishing email and accidentally gives away his work email login information. Maybe someone forgot to fix a website security vulnerability when the patch was published. Either way, now your databases haves been encrypted by attackers. The site is down, and the criminals want money to unencrypt the data. But they’ve also copied the data and plan to sell it online whether you pay up or not.

And data isn’t the only business asset that ransomware can target. Some criminals use ransomware techniques to exploit business computers for cryptocurrency mining. That stealthy hijacking of business computers diminishes the CPU power available for business operations, raises the company’s electric costs and wastes help desk and IT resources to diagnose and resolve the problem. 

What’s the financial impact?

These scenarios happen to businesses all too often. There were more than 151 million ransomware attacks in 2019. The average amount that businesses pay to recover their data is $44,021. That’s a financial impact many businesses can’t bear. Apart from the cost of the ransom or the resource waste of a crypto jacking attack, website outages due to ransomware attacks cause businesses to lose money for as long as the site is unavailable to customers, vendors and employees.

That leads us to the next costly cyber risk to your business – unplanned downtime.

Unplanned downtime cuts off business revenue

How much money would your business lose if hacking, corrupted files, defacement, ransomware or a DDoS attack shuts down your website? It depends on the size of your business and the volume of sales you do through your site.

For more than 75% of SMBs, the cost of downtime was $40,000 an hour or less. For the rest, the cost of downtime was more than $40,000 per hour. Typical downtime costs related to DDoS attacks, which can crash sites with spurious requests and traffic, are more than $120K for SMBs and more than $2M for enterprises.

Why is downtime so costly? It’s largely because your customers can’t reach you while your site is out of commission.

Downtime and breaches drive away current customers and make acquiring new customers harder

When customers arrive to find your site offline (or worse, defaced with messages from attackers), they may take their business somewhere else, either because they no longer trust your site to protect their data or because they don’t want to wait for your business to get back online.

Businesses that suffer a data breach can count on at least some customer abandonment. How many customers could you lose? One survey found that 21% of U.S. customers abandon businesses permanently after a security breach, while more than 40% of UK and Australian customers will never return.

Any loss of customers results in a lower average lifetime value per. Moreover, a business whose reputation is damaged by a high-profile data breach or website takeover may have a hard time attracting new customers, resulting in the need to spend more to acquire each one. 

Your investment in your business can be wiped out by cyberattacks

All it takes it one successful cyberattack to wipe out the money you’ve invested in building your business. The costs of remediation and recovery are more than many businesses can afford, and standard business liability insurance policies don’t fully cover cybercrimes. 

Even if your business survives a cyberattack, the incident can have far-reaching financial consequences into many areas of the business. The average enterprise-level business spends 10% of its company revenue on marketing, according to Gartner’s CMO Spend Survey 2019–2020. The negative publicity that can follow a data breach or other cyberattack can undermine that marketing investment and force your business to spend more on campaigns to rehabilitate your brand image.

Deloitte found that “legal costs can cascade” for a business long after a breach is detected, “as stolen data is leveraged in various ways over time.” Businesses that have government contracts may also be at risk of losing those deals in the wake of a cyberattack. And if your business’ intellectual property is stolen in a breach, it could take years to recover from that lost investment.

Save money and protect your business with comprehensive cybersecurity

Experiencing a cyberattack risks everything you’ve invested in your business, including your livelihood and your employees’ income. Investing now in cybersecurity can protect your revenue stream and your assets as well as your customer base, your brand image and your reputation as an employer.

Contact us today to learn how you can protect your investment in your business with cybersecurity.