In the midst of the biggest cost-of-living crisis in decades, the looming threat of recession, and an unprecedented energy crisis, organisations of all sizes are trying to find ways of cutting costs and saving money.
While there are any number of measures organisations can take on that front – from relatively small ones such as asking people to work from home to save on energy to more drastic measures such as layoffs – the impact they have is variable at best. One measure that consistently saves organisations money, however, is investing in a proper cybersecurity solution.
In some ways, that might seem counterintuitive. After all, it’s an additional cost that the organisation might not otherwise have to deal with. But it really is an investment that can pay off in a big way. That’s because the best cybersecurity solutions not only protect organisations from the threat of cyber attacks but also help mitigate their damage when they do occur.
Ironically, the self-same economic pressures that are forcing organisations to look at ways of cutting costs are also making having a proper cybersecurity solution more important than ever.
A cost-of-living spike in cybercrime
That’s because, after a cooling-off period in the wake of the cryptocurrency crash, the cost-of-living crisis has resulted in a fresh spike in cybercrimes. In fact, in the two weeks leading up to August 2022, the National Cyber Security Centre received more than 1500 reports about scam “phishing” emails pretending to be about energy rebates from Ofgem.
That’s just one example of the kind of attack that cybercriminals are using. There are many others too. And in organisations that are under pressure and trying to reduce cost pressures, those kinds of “social engineering” style attacks are more likely to succeed and result in a breach. Given its support for Ukraine in the war against Russia, it’s likely that Russian state-sponsored actors will keep stepping up their attacks on UK companies too.
It should hardly be surprising then that recently released official statistics show that some 81% of UK organisations experienced at least one successful cyberattack in 2022. On top of that, 83% believe that a cyberattack is more likely in the coming 12 months.
Additionally, as predicted by PaloAlto Unit42, this year, more people will turn to cybercrime for financial gain, easy-to-access tools will become more widely available and vulnerabilities will be easier to exploit. The intersection of these factors will eventually lead to more cybersecurity incidents.
The cost of cybercrime
Those attacks can cost organisations serious amounts of money too. According to IBM, the average cost of a data breach in the UK in 2022 was US$5.05 million, placing it among the five most expensive countries for a breach globally. That’s to say nothing of the long-term damage that a breach can do to a company’s trust and reputation.
Even the disruption to normal business operations can be devastating. Think about it: could your organisation afford the 22 days it takes, on average, to get back up to full steam in the wake of a breach? This effect may be magnified even further if the breach hits your business-critical applications. Small wonder then that half of small businesses affected by a cyber attack go under within six months.
It’s also worth bearing in mind that, given the percentage of UK businesses that fell victim to a cyberattack in 2022, cyberattacks should be treated as something that will happen, rather than something that might.
Investing in the right cybersecurity solution
That makes investing in the right cybersecurity solution even more important. While it might seem like a major expense now, the cost of mitigation and recovery is likely to far outweigh any up-front costs for technical controls and expertise.
A good cybersecurity solution won’t just alert you to new threats and actively work to protect you from them, it’ll also ensure that you’re in the best possible position to proactively respond in the event of a breach. The faster and more efficiently you’re able to do so, the smaller the impact of the breach will be.
Moreover, it’ll continually identify, evaluate, treat, and report on your organisation’s software and network vulnerabilities. Ideally, it should start by identifying and addressing known vulnerabilities. Cybercriminals are constantly on the lookout for ways into an organisation and failing to address vulnerabilities is as good as leaving a door or window open for them.
A small hit can help you avoid a big one
Ultimately, it should be clear that cybercrime attacks aren’t going to fall anytime soon. They’re also not going to get less expensive to recover from. As such, even businesses that are desperately looking for ways to cut back on costs should consider investing in a good cybersecurity solution a non-negotiable.
About the Author
JP Perez-Etchegoyen is CTO at Onapsis. Onapsis protects the business-critical applications that power the global economy including ERP, CRM, PLM, HCM, SCM and BI applications from SAP®, Oracle® and leading SaaS providers. Onapsis proudly serves more than 300 of the world’s leading brands including 20% of the Fortune 100 and partners with leading consulting and audit firms such as Accenture, Deloitte, IBM, PwC, and KPMG. The Onapsis Research Labs is responsible for the discovery and mitigation of more than 800 zero-day business-critical application vulnerabilities.
Featured image: ©BillionPhotos.com