
What does a lack of cybersecurity mean for companies?

Should I ramp up my company's cybersecurity efforts? A good and important question. To understand how your company should act in this rapidly changing and risky environment, let's look at how investments in cybersecurity are evolving – and what consequences a neglected security effort entails.

Read more about:

  • How do threat actors exploit your weaknesses?
  • What does an incident cost your company?
  • How are Swedish companies investing in cybersecurity?

Common attacks driving costs

Attacks on businesses are becoming more sophisticated and targeted. Ransomware, data theft, and phishing attacks against key individuals in the supply chain continue to rise. The goal is to steal login credentials or gain access to internal systems, often through tailored attacks on specific individuals that are difficult to detect in time.

Attack via third party

Attacks via third-party providers have affected several Swedish companies, for example in the SolarWinds attack where several Swedish authorities and companies were indirectly impacted when their IT provider's software was used as a springboard for breaches.

Malicious code in software updates or hardware from suppliers is an emerging problem, where attackers inject malicious code into updates or components, which can lead to companies unwittingly opening themselves up to breaches in their systems.

Social engineering and phishing

Social engineering is another method, in which attackers impersonating suppliers or partners contact employees to gain access to sensitive information or systems. Insufficient control and security at the supplier's end makes it difficult for companies to detect and manage risks in the supply chain. This has led to several incidents where Swedish companies have been subjected to data breaches through less diligent subcontractors.

AI as a threat and defence

The threats are many and constantly changing. AI is increasingly used to enhance malicious code and create more advanced attacks. At the same time, over 82% of companies are investing in AI and machine learning in their IT investments, which is positive as the technology can also be used to detect threats and make more data-driven decisions. By prioritising AI, companies can strengthen their resilience against advanced attacks and human errors.


What does an incident cost? Direct and indirect costs

The fact that as many as 64% of companies are increasing their cybersecurity budgets this year shows that businesses realise what inadequate cybersecurity can cost, both in the short and long term.

This can involve direct costs related to downtime, loss of production, and system recovery. If you have been subjected to a ransomware attack, it can also mean costs in the form of ransom payments. An example of this is Coop Sweden's downtime in 2021 as a result of a supplier breach, which led to hundreds of stores needing to close for several days. The downtime cost Coop around 250 million SEK.

However, a security incident also entails indirect economic consequences for the company. Here it is more about lost trust among customers and partners, a damaged brand, and legal costs. It is these types of indirect effects that can impact long after the systems are restored and the business is up and running again.

Preventive strategies that have the greatest effect

To avoid these risks and their consequences, a clear focus on preventive strategies and long-term security investments is required.

Therefore, it is encouraging to see that security in the form of strategy and compliance is highly prioritised by companies. The more security-mature companies work continuously with vulnerability analyses, SOC, compliance, and real-time monitoring (SIEM). We also see that as many as 76% of companies invest in training to increase security awareness and safe behaviour among employees.

The costs of neglected cybersecurity work are significant - both economically and in terms of lost trust. Despite 64% of Swedish businesses increasing their investments in cybersecurity, a large portion of IT decision-makers, 44%, still believe that their organisation is underinvested in this area.

As business leaders, it is therefore crucial to combine technical solutions with conscious investments in strategy, training, and collaboration in the supply chain so that you are better prepared against future threats.

5 common questions and answers

  • What does a data breach cost a medium-sized company?
    Typically from hundreds of thousands to several million SEK per incident, depending on downtime, recovery/IR, legal/PR, any ransom, and brand impact.
  • Which attacks often drive up costs?
    Ransomware, breaches via third-party suppliers, and targeted phishing/social engineering, as they often lead to longer downtime, data exfiltration, and costly recovery.
  • Which measures provide the fastest risk reduction?
    Activate MFA everywhere, patch prioritised vulnerabilities quickly, implement EDR and basic logging, keep offline copies of backups, and regularly test recovery.
  • How do we reduce the risk of vendor breaches?
    Set security requirements in contracts and follow up on certifications/audits, grant least privilege and segment access, and monitor integrations and alert on deviations.
  • How much should we budget for cybersecurity?
    A common guideline is 5–15% of the IT budget, but the right level should be risk-based according to business criticality, regulatory requirements, and your actual attack surface.
