AS threats get increasingly sophisticated, securing network may cost Philippine-based companies some $1,000 to over $1 million, a Kaspersky Lab executive told the BusinessMirror.
To safeguard a network, a small company needs $1,000 while a big one $1 million, Slyvia Ng, general manager at Kaspersky Lab Southeast Asia, said in response to an inquiry via e-mail.
“Kaspersky Lab and B2B International surveyed 4,000 business representatives from 25 countries around the world in 2016 to know the cost of a successful attack against a company,” she said. “The report, titled ‘Measuring the Financial Impact of IT Security Business,’ found out that securing a company’s network costs averagely $1,000 for very small businesses to over $1 million for large companies.”
But Ng noted that a firm’s losses could be much bigger than the amount of money it has invested in safeguarding the network.
“The same study said there are some types of attacks which can cost more monetary loss to businesses,” she pointed out. “The most expensive is a targeted attack, which financial impact goes from $143,000 for small and medium businesses and $1.7 million for corporations.”
Ng also noted that small and medium businesses (SMBs) have lost an estimated amount of $149,000 and enterprises $2 million to “rare but existing zero-day vulnerabilities”.
“The longer a breach goes unnoticed, the more it will cost a business,” she said. “SMBs averagely lose $28,000 in attacks detected instantly and $105,000 in infections undiscovered for more than a week.”
An enterprise that detected the breach early on may sustain an estimated financial loss amounting to $393,000, and if undetected for more than a week may cost over $1 million, she added.
“Aside from the tangible monetary loss, the aftermath of a successful breach also includes loss of a company’s reputation, as well as confidential information,” Ng said.
Philippine-based companies could be in the crosshairs of attackers at any time since cyber attacks respect no borders and the attackers are constantly looking for targets everywhere, she noted.
According to Ng, there have been definitely losses in the country, but no one could tell as to what extent, since some of the companies did not report the attacks.
“Attacks in the Philippines reflect that there are security loopholes that are needed to be addressed,” Ng said. “As an emerging economy, one of the fastest for that matter, and with its young and connected population, the country is fast becoming an enticing target to these online criminals. It is high time to put security on top of Filipinos’ mind.”
But Ng pointed out that there is no such thing as 100-percent security and that to prevent breaches a company should provide its best in mitigating threats.
“A proactive and multi-layered security solution is needed for maximum protection,” she noted.
Securing the network requires robust security solutions, both hardware and software, she stressed. Both the employer and the employees should be educated on cybersecurity.