Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • The Security Leadership Issue
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security Leadership and ManagementCybersecurity News

The High Cost of Not Doing Enough to Prevent Cyber Attacks

If you have a basic security program and think you can get by with the bare minimum standard security measures in place, you are mistaken.

By Kim Ann King
cost-enews
December 13, 2016

Organizations are in a difficult place when it comes to protecting themselves against the current cybersecurity threat environment. Many companies believe that they’re too small to be a hacker’s target. However, given the wide range of businesses and organizations being hit on a daily basis, this couldn’t be farther from the truth. If your organization has data, and every business does, you are a worthy and potentially lucrative target for cyber criminals.

Because of financial damage, as well as damage to a company’s brand, there is a substantial cost for small to mid-sized businesses to recover from just one security incident. According to a recent report from Kaspersky Labs, the average cost of recovery from a single security incident is estimated to be $86,500 for small and medium businesses and 10 times that – $861,000 – for enterprises. These recovery costs take into account the time, cost and labor associated with:

  • Investigating what happened and how to prevent breaches in the future
  • Creating and sending customer breach notifications
  • Assuring customers that their data is secure after a breach or incident
  • Dealing with the bad press and media outreach/response
  • Paying additional attorneys and litigation fees
  • Taking a hard look at your IT environment and improving/hardening your defenses

Larger organizations are more able to absorb the costs of recovery than small and medium-sized companies. In fact, approximately 60 percent of mid-market businesses fail after a data breach because they simply cannot afford it, according to a 2012 study by the National Cyber Security Alliance.

The Risk of Doing Too Little

Company owners who become complacent because they think they’re flying “under the radar” are gambling, and we all know the deck is stacked in favor of the house, or in the case of cyber attacks, the hackers. If you have a basic security program and think you can get by with the bare minimum standard security measures in place, you are mistaken. Relying on this minimum protection, such as a firewalls and anti-virus software, just isn’t enough in today’s continually evolving cyber threat landscape. Consider these shocking statistics:

  • According to Symantec, 50 percent of all messages on the Internet are spam, many of which contain links to malware and ransomware. It only takes one wrong or inadvertent click to have a cybersecurity nightmare in your hands.
  • Symantec also reports that 60 percent of attacks target mid-market businesses. They’re easier targets than enterprises and they typically have less manpower and fewer technical resources to detect issues.

There is additional fall out when companies, large and small, fall victim to malware, ransomware, hacking, or a data breach. There may be ongoing disruptions to continuity, productivity, and operations, or even increasing insurance premiums. Beyond the cost of recovering from a security incident, there are other devastating effects of a breach, such as:

  • Ongoing disruptions to continuity, productivity and operations
  • Increasing insurance premiums
  • Losing customer loyalty and revenue from cancelled contracts
  • Devaluing of your company brand and degrading of your reputation

While the current cybersecurity threat landscape is pretty dire, there is some light at the end of the tunnel. While there is a lengthy list of steps you should take, and security services and/or software solutions you should employ to bolster your company’s security posture, I’ll focus on five steps that can be easily implemented and should be standard components of an overall security plan:

  1. Employee education – Employee education cannot be stressed enough. Unaware and careless employees are one of the most effective ways for cybercriminals to find “open doors” to the corporate network. Educating employees on the dangers of clicking on even one attachment or link in an external email, and making it part of the employee onboarding process, can be the best defense in preventing malware from finding that “open door.”  Just sending an email or two a year reminding employees not to open suspicious emails isn’t enough. Holding regular training sessions and making this training part of the new employee onboarding process is critical.
  2. Monitor potential insider threats – Just as employees can inadvertently pose a threat, they can also do so on purpose. Regardless of background screening, every organization faces a potential threat from disgruntled employees and contractors. Monitoring your IT environment should include all internal systems, not just the corporate network. Make sure you know if someone if trying different passwords 20 times in a row and any other anomalous behavior within your systems.
  3. Backup your data – Regular backups are the easiest way to protect your data against ransomware attacks. You can go one step further by encrypting the backed-up data so that only you or a designated administrator can restore it. This strategy allows you to cut your losses with minimal financial loss if a device does become compromised (other than the cost of the device itself). In the end, the data remains safe.
  4. Create an incident response plan – If a security breach occurs, it’s important to have appropriate measures for handling it in place. This includes the evaluation and reporting of the incident and preventing the issue from recurring by analyzing what happened and eliminating the problems that led to it.  
  5. Deploy whitelisting technologies – Whitelisting can be very effective in deflecting unwanted software from running on your systems, but it isn’t foolproof. Whitelisting should work in concert with additional layers of security, such as network monitoring, firewalls, endpoint security, mobile device management, etc. Once vulnerabilities are found, they should be patched immediately. Malware often relies on bugs in software and applications that can be easily exploited. When you quickly apply security patches, you give cybercriminals fewer opportunities to find the ways into your network and infecting your IT assets with malware.
KEYWORDS: cyber attack cybersecurity liability data breach

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Kim Ann King serves as VP of Marketing at EiQ Networks, a pioneering security services provider, where she is responsible for all of EiQ’s global marketing efforts. A veteran of several successful Boston technology start-ups, King oversees the company’s marketing strategy in order to capitalize on new opportunities and drive revenue growth. She was previously the CMO of SiteSpect, a web and mobile optimization solutions provider, where she was responsible for brand awareness, demand generation, and organizational enablement initiatives that drove customer acquisition and retention. An award-winning marketer, King is also the author of The Complete Guide to B2B Marketing. Kim holds a Bachelor of Science degree with honors in Public Relations from Boston University and a Master of Science degree in Communications Management from Simmons College. Follow Kim on Twitter: @kimannking

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Fountain pen

Trump Administration Executive Order Changes Cybersecurity Policy

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • cyber 2 responsive default

    Study Says Organizations Not Doing Enough to Prevent Employee-Caused Security Incidents

    See More
  • crisis-enews

    The High Cost of Not Having an Actionable Crisis Management Plan

    See More
  • social media apps on iphone

    CISOs aren’t doing enough to mitigate social media fraud

    See More

Related Products

See More Products
  • databasehacker

    The Database Hacker's Handboo

  • Risk-Analysis.gif

    Risk Analysis and the Security Survey, 4th Edition

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Events

View AllSubmit An Event
  • August 7, 2025

    Threats to the Energy Sector: Implications for Corporate and National Security

    The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!