The True Costs of a Cyberattack for Enterprises

Learn why the true cost of a cyberattack goes far beyond just a loss of data.

When a business suffers from a cyberattack, there is a very clear and immediate cost as a result. Sensitive, confidential information has been compromised. The average direct cost associated with such a data breach for an enterprise with more than 1,000 employees is $551,000.

While that number alone is enough to make you gasp, there are many residual costs that you may not think about, but could hurt your businesses’ reputation for quite a long time. These issues help paint a clear picture of why businesses need a strong and effective IT security plan.

An attack often interrupts business continuity, which results in extended periods of downtime for company employees while the company is trying to recover. It is estimated that attacked enterprises suffered an average of 23 hours of downtime, resulting in an average loss of $1.4 million.


Enterprises that suffer a cyberattack also suffer damage to their reputation, which can lead to losses associated with customers’ unwillingness to use the product or service of the company. It is estimated that damage to the brand of the company results in costs that are 7.5 times higher than the direct costs associated with recovering from the attack. Customers want to know that enterprises are secure, and many are unwilling to trust a company that they believe is not.

Many people believe that cyberattacks are becoming less of a threat, but this could not be farther from the truth. Research has shown that security incidents are growing at a compound annual growth rate of 66%. It is estimated that by 2020, 30% of Global 2000 companies will have been directly compromised by an independent group of cyberactivists or cybercriminals.

Research has shown that the average total financial losses from security incidents at enterprises is $3.4 million. These numbers make it clear that a cyberattack of any kind can have a devastating impact on business, and that having an IT security plan in place is more important than ever.