New report highlights the financial impact of cyberattacks
Farah Amod Nov 15, 2024 9:50:20 AM
A recent industry report by Claroty has shown the economic toll of cyberattacks, providing insights for businesses striving to fortify their defenses and mitigate the impact of these digital incursions.
The financial toll of cyberattacks
The Claroty report, based on a survey of 1,110 cybersecurity professionals responsible for cyber-physical systems (CPS), Internet of Things (IoT), and connected medical devices, shows the financial strain caused by cyberattacks. The data reveals that one in four CPS-enabled organizations lost more than $1 million due to such incidents in the past 12 months. Furthermore, 45% of surveyed professionals reported losses of $500,000 or more during the same period.
Dissecting the costs of recovery
The financial impact of a cyberattack extends far beyond the initial incident, as organizations face numerous costs in the aftermath. The report indicates the primary factors contributing to these losses, including:
- Loss of revenue: Cited by 39% of organizations as a significant consequence
- Recovery costs: Accounting for 35% of the financial burden
- Employee overtime: Responsible for 33% of the losses
- Legal costs: Impacting 31% of affected organizations
- Loss of customers and partners: Experienced by 30% of respondents
The toll of operational downtime
The Claroty report also shows the impact of operational downtime following a cyberattack. Nearly half of the surveyed organizations (49%) reported that a cyberattack resulted in a week or more of operational downtime, with 29% indicating that the recovery process took over a month. The consequences of such prolonged disruption range from lost productivity to reputational damage and customers leaving.
The ransom dilemma
Ransomware attacks have become a prevalent threat, with many organizations facing the difficult decision of whether to pay the ransom. The Claroty report reveals that only 13% of respondents said they did not pay any ransoms in the past 12 months. Conversely, more than half (53%) paid a ransom of $500,000 or more. Healthcare organizations were the most likely to do so: 78% paid a ransom of $500,000 or more, and 39% paid over $1 million.
The risks of third-party and remote access
The report highlights the vulnerabilities introduced by third-party and remote access to CPS environments. More than two-fifths of respondents (45%) said they had experienced five or more attacks in the past 12 months through these channels, with 82% of organizations reporting at least one such attack. Despite these risks, the majority of organizations (63%) admitted to having only partial or no understanding of third-party connectivity within their CPS environment.
The ripple effect
Cyberattacks don't only affect the targeted organization; they can also have upstream consequences for their vendors and partners. The Claroty report found that 40% of respondents had experienced between one and five attacks with upstream effects, while 19% had experienced more than 10 such incidents. In response, 26% of organizations established new security protocols, 25% renegotiated terms or pricing, and only 15% opted to end their relationship with the affected vendor.
A shift towards proactive cybersecurity
The Claroty report suggests a growing awareness among organizations of the need for a more proactive approach to cybersecurity. Over half of the respondents (56%) expressed increased confidence in their ability to withstand cyber incidents compared to 12 months ago, and 72% anticipated quantifiable improvements in their cybersecurity posture within the next year.
Empowering businesses to mitigate cyber risks
The Claroty report sends a message to organizations, urging them to make cybersecurity a priority and dedicate the right resources and expertise to protect their operations and assets. By taking a proactive and collaborative approach, businesses can better manage the growing and changing cyber threats they face. This way, they can become more resilient and better positioned to handle potential financial disruptions down the road.
FAQs
What is a cyber-physical system (CPS)?
A cyber-physical system integrates computing, networking, and physical processes. It uses sensors and actuators to interact with the physical world and relies on software to monitor, control, or automate processes in real time.
What are the primary motivations behind the surge in cyberattacks targeting the healthcare industry?
The motivations behind the increasing number of cyberattacks on healthcare organizations range from extortion and espionage to cyber warfare. Malicious actors are seeking to steal sensitive patient data, disrupt operations, and even target valuable medical research and intellectual property.
How can healthcare organizations effectively assess their cybersecurity vulnerabilities?
Healthcare organizations should conduct cybersecurity assessments at least annually, which involve identifying potential weaknesses across applications, networks, and systems. These assessments should also evaluate the cybersecurity awareness and training of the organization's workforce, as many attacks exploit human vulnerabilities through social engineering tactics.