The Cost of Ransomware Payments Is The Tip of the Iceberg

The Cost of Ransomware Payments Is The Tip of the Iceberg

So how much does a ransomware attack actually cost? Can we calculate the full cost of a ransomware attack on businesses over both the short and the long term?

Our Buyer’s Guide for Endpoint Security helps you evaluate the best solution for your use case and features profiles of the leading providers, as well as a category overview of the marketplace. We examine antivirus, data loss prevention, application control, and other critical capabilities in detail. Get the latest on endpoint security here.

It turns out we can! Paul Furtado, a senior director and analyst of MSE security at Gartner, led a session at Gartner’s Security & Risk Management Summit. The session, entitled “Fighting Ransomware in Midsize Enterprises,” explored the costs of a ransomware attack in detail. According to Furtado and Coveware, the average cost of a ransomware attack payment by a midsized business in Q1 2020 was $178,254. That represents a significant cost for a substantial portion of businesses. 

However, that number only scratches the surface of the true cost. First, you have to factor in the downtime that results from a ransomware attack. Any amount of downtime can damage your business workflows and profits, and thus it can multiply the costs by five to ten times. This makes the current total between $891,270 and $1,782,540.  

Worse, these only represent the tangible costs we can accurately predict in the fallout of a ransomware attack. For example, your industry may come with its own legally binding compliance mandates which enforce fees in the wake of a data breach. Also, Furtado notes that data affected by ransomware could end up damaged: “Think of a database where somebody may have records open or a file in use. They’re going to encrypt that data, even though it’s not necessarily sitting at rest and may be sitting in transit. But the chances are when you go to decrypt it, it’s corrupted.” 

Corrupted data represents a significant cost in human work hours and money to recover or to replace (if it can be replaced at all). 

Learn more about defending against ransomware in our Endpoint Security Buyer’s Guide.

 

Follow me

Ben Canner

Editor, Cybersecurity at Solutions Review
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner
Follow me