A Look at the Numbers – The True Cost of Cybersecurity

A Look at the Numbers – The True Cost of Cybersecurity

When considering the importance of cybersecurity in the modern workplace, it is vital to consider the bigger picture. While statistics can show just how financially damaging a cybersecurity breach can be, there are more than simply monetary impacts on a business following a data breach. So it’s important to ask, what is the true cost of a cybersecurity breach?


A Closer Look


According to CyberEdge’s 2020 Cyberthreat Defence Report, more than 80% of organisations were subject to some form of cyber-attack throughout 2020/2021. Not surprising, considering the drastic shifts in workplace trends as the world adopted a work-from-home/hybrid working structure, having led to spikes in cybercriminal activity across the board.  With the pandemic paving the way for the virtualisation of the workplace, the events of 2020 also led to cybercriminals having access to a more lucrative and unprotected playing field.

However, with the increase of cybercrime, also came the increase of cybersecurity measures, with the average spend on cybersecurity measures increasing. As per Gov.UK’s report, the UK’s cyber security industry reached a staggering value worth an estimated £8.9 billion, with total revenues in the sector up 56% from £5.7 billion in 2017. A huge leap in the amount of money invested on cybersecurity in comparison with pre-pandemic levels, signifying an acknowledgment of its importance moving forward.

Some look to the fact of more organisations implementing basic cyber security measures following the introduction of the General Data Protection Regulation (GDPR) in 2018 as a reason for the cybersecurity market increasing. But on reflection, it would be tough to ignore the rising trends of utilising items such as cloud storage and backups to protect a business. These aspects have helped businesses maintain structure and undoubtedly have helped repel some forms of cyber attacks, but it is essential to know just how prevalent these cyber attacks are.

The State of Cybersecurity: Quick Facts


  • Cybercrime has increased by 600% since the beginning of the global pandemic. 


  • According to IBM, 2021 had the highest average cost of data breaches in 17 years.


  • Gov.UK reported that 39% of UK businesses came under attack in the first quarter of 2021, with many incidents causing significant damage.


  • A Ponemon Institute study found that organisations spend $3.86 million (about £2.9 million) per cybersecurity incident.


  • According to Gartner, the average cost of Information Technology (IT) downtime is (USD) $5,600 per minute. This equates to approximately $336,000 per hour.

Beyond the Numbers


Of course, it is easy to look at negative numbers which affect business and see that having your company susceptible to cyber-attacks can lead to loss of revenue. But furthermore, the ramifications for a cyber-attack can be incredibly far-reaching and harmful to businesses. 

Small businesses arguably have the most to lose from being hit with a damaging cyber-attack, with a report revealing that businesses with less than 500 employees lose on average more than $2.5 million per attack. Losing this amount of money in a cyber breach could be devastating to a small business.

On top of that, comes the impact from the reputational damage of being associated with being victim to a cyber-attack. This can lead to a severe impact to a company’s reputation through word of mouth and bad press, which ultimately leads to diminishing customer loyalty and trust.

While this can be linked back to financial detriment as the company recovers from a successful data breach. The operational downtime of a data breach could lead to its own financial strain. While measures such as incident detection in the form of audit logs and forensic analysis may lead you to uncover the issue faster, the amount that is lost per minute is staggering, and many SMEs may not be able to survive a financial hit of this proportion.


The Bottom Line


It is clear to see that not having adequate cybersecurity measures in place within your business may lead to financial strain, but additional issues that may arise as the result of a data breach such as reputational damage or operational downtime are other important factors that need to be considered. Being prepared to combat those who seek to work against us through nefarious means is essential for modern businesses.

Some larger companies may indeed have in-house IT teams, but many SMEs will turn to an external IT support network that offers expertise across carious strategic needs to take care of their various needs.

While many are often weary of the cost of proactive cybersecurity measures, costs typically pale in comparison when compared to the cost of the after effects of a modern cybersecurity attack.

To learn more about prevalent cyber attacks and how Fitzrovia IT can help you, read our latest guide on ‘The Most Common Types of Cybersecurity Attacks’.