Once again, the one story that made pretty much all of the splashes was that of Ransomware. I wrote a blog post about this over the weekend, on how insurance companies are no longer paying claims for ransom payments.

But one thing did strike me as I was posting these stories: the financial toll that a Ransomware attack has on a business. In the end, all we keep hearing about is the total dollar volume of the impact. While this is of course very important, one also has to pay attention to the components that make up this number, and which impact the bottom line of the company.

So, in today's blog, we are going to review some of these key components, but keep in mind that this is not at all an inclusive list:
*The cost of your policy:
Just like your car and medical insurance policies, you are either paying a monthly or an annual premium on your Cyber Insurance policies. It may or may not cover everything, so it is a good idea to take a careful review once again of what is actually covered. My recommendation would be to get a good lawyer that specializes in this area to help you out. For example, if there is something that should be covered and is not, they can negotiate on your behalf with the insurance company. And remember, try to get coverage ASAP. You won't be covered after you have been impacted. So whatever you are paying in premiums for this, you need to include it as an expense, because it is money out of the bottom line.
*Incident Response:
This is yet another cost if you have a dedicated team. For instance, if your company is large enough, it is quite possible that you have a dedicated team for this specific function. Then the cost here would be the salary and benefits that you pay these employees. Or, if you outsourced this to a third party, such as a vCISO and their team, then the cost would be the contract under which you have them engaged. Whoever you make use of, they need to be proactive and make sure that there are no threat actors lurking on the inside of your business. Of course, they will need the appropriate scanning tools to do this, and this is also another cost that needs to be taken into consideration.
*The legal costs:
No matter what business you are in, you always need to have an attorney on hand. They could be in-house counsel, or even somebody that you have outsourced on an as-needed basis. Whatever it is, this is probably one of the biggest expenses associated with a Ransomware attack. For example, if you are hit with one, there is a high probability that you could face some serious lawsuits from the key stakeholders in your company. Also, you will need legal advice on how to properly report the incident to federal and state authorities so that you mitigate the risk of facing some serious financial penalties. Also, they can be a great source of advice on whether you should actually pay the ransom or not. Remember, there could be legal repercussions in case you do decide to pay up, as I mentioned in the blog from last weekend.
*Dealing with the PR aspects:
Apart from dealing with the downtime you will face with a Ransomware attack, another huge nightmare for most victims is dealing with the public aftermath. If you are an SMB owner, then most likely you do not have a dedicated Public Relations (PR) expert. In this case, you will need to hire a reputable PR firm that can handle all of the external communications for you, especially when it comes to dealing with the media and customers. And this can also be a huge expense that you need to take into consideration. It may be tempting to go at this on your own, but even the slightest wrong thing said can be taken immediately out of context and used against you, thus causing even more financial damage. So, it is wise to hire a PR agency in this regard.
*Negotiating the ransom:
Yes, believe it or not, there is a group of professionals out there that specialize strictly in negotiating down the ransom, in case you decide to pay up. These kinds of consultants are not cheap either, and very often bill by the hour. The one key advantage that they do bring to the table is that they will ensure that your payment is converted accurately over to the appropriate virtual currency (most likely it will be Bitcoin), and that it is properly received by the Cyberattacker group in question.
My Thoughts On This:
So, here are some of the key costs that you should probably take into consideration when calculating what the true cost of a Ransomware attack will be, even if you have not become a victim. There are other key costs as well, which include the following:
*Indirect costs:
These mostly deal with the costs associated with the loss of brand image and existing customers, and with getting new customers on board.
*Costs of recovery:
This refers primarily to the time it takes to recover and bring your mission-critical processes and operations back online. Your IT staff may not be enough to handle the stress of doing this all on their own, so you may yet have to hire some external contractors to help out.
*The long term:
These are the costs associated with bringing your business back up to the state of normalcy it was in before it was impacted by the Ransomware attack. Important to this is the Business Continuity Plan, which will help to ensure that this will indeed happen.
Keep in mind that as the rest of the year unfolds, unfortunately, Ransomware attacks will still occur, and will happen in ways never thought of before. Just make sure that you and your IT Security team have your guards up at all times.

Finally, more information about the costs of a Ransomware attack can be found at this link:
https://www.sophos.com/en-us/medialibrary/Gated-Assets/white-papers/sophos-the-state-of-ransomware-2020-wp.pdf