We defined multi-vector cyberattacks and explored how they are relevant to SMEs in the first part of this three-part series.
In 2017, the evolving cybersecurity landscape and sophistication of cyberattacks presented a host of new threats for SMEs’ data, clients, and overall bottom line, not to mention threats to their reputation.
As multi-vector attacks continue to increase, it’s important organisations understand how these attacks are perpetrated, as well as get a better sense of the critical implications they can have on small businesses’ operations.
While large organisations often have dedicated cybersecurity teams, SMEs often underestimate the impact cyberattacks can have on their business. This is why most SMEs today do not invest in the right level of security capabilities needed to protect their organisation against today’s cyber threats. Being aware of the impact an attack can have on your business is a first step towards allocating the right resources and budget for the protection of your assets.
So, what are the consequences of cyberattacks on small businesses?
Undeniably, the cost of experiencing a cyberattack can be exponential. Recent research conducted by Webroot revealed a cyberattack on an Australian business with 100 to 499 employees would cost on average AU$1,893,363.
Interestingly, although 96 per cent of these businesses in Australia, the US, and UK believe their organisation will be susceptible to external cyber-security threats in 2017, 60 per cent of Australian businesses believe they’re not prepared. These are quite alarming figures when we know that threats are growing and becoming more sophisticated every year.
Beyond the financial devastation, multi-vector attacks also effect productivity, often resulting in lengthy downtime. This is a cost within itself. On one hand, there is the internal impact: jobs running behind, lost files, a decrease in employee morale and trust in the business.
On the other hand, external consequences can have a greater impact on the business’ bottom line: it is very likely that customers and suppliers will be affected by the cease in production, having a ripple effect on stakeholders.
Not only can a multi-vector attack seriously impact a business’ financials and productivity, it can also have a long-lasting impact on an SMEs’ reputation. Businesses can spend years building their reputation and trust in their brand, consistently delivering on the business promise. All of that can vanish in an instant if the business suffers a cyberattack.
If you are hit by a multi-vector attack, chances are trust will be undermined and credibility lost, influencing staff, current customers and suppliers, not to mention potential future opportunities.
Over the past few years we’ve seen many examples of Australian organisations’ reputation being damaged by such type of attacks. Just last week there have been reports of Chinese hackers currently targeting Australian law firms that hold sensitive commercial information. Imagine the potential reputation damage for an established and trusted law firm – they could potentially loose majority of their clients in a matter of days.
Whilst large organisations often have sophisticated cybersecurity strategies in place, as well as teams of security experts at their disposals, SMEs have limited resources. This doesn’t mean they cannot be one step ahead of cyber criminals as well.
When it comes to multi-vector attacks, prevention is always the best protection, particularly as the impact of an infection has widespread ramifications.
In the final part of this three-part series, we’ll examine how small businesses can best protect themselves from the growing cyber threat of multi-vector attacks.
Daniel Slattery, Senior Information Security Analyst, Webroot