At this point, the devastating impact ransomware can have on organizations in any industry have been witnessed the world over. Earlier this year, one hospital in Southern California was infected with Locky ransomware. The facility had to pay hackers $17,000 to get its systems back online, and this was after it declared an internal state of emergency. A few months later, the FBI announced that encryption malware was on pace to steal $1 billion from organizations in 2016.
While these costs and occurrences are alarming in and of themselves, they don’t necessarily illustrate just how financially damaging ransomware can be to organizations. There are hidden costs in addition to the initial ransom that are less talked about, but no less crippling.
Downtime and Remediation Costs
As we clearly saw from the Los Angeles hospital incident, system downtime is extraordinarily troubling – records were kept using pen and paper, and external communications took place via fax machine. However, downtime is as expensive as it is inconvenient. According to research from the Ponemon Institute, IT-related downtime costs businesses, on average, $7,900 per minute. In fact, DARKReading contributor Andrew Hay ran the numbers for the ransomware that impacted the aforementioned hospital, and it came up with this number : $533,911. That, according to Hay, is the total amount of estimated revenue that the facility lost, in addition to the $17,000 ransom.
Still, that’s only the tip of the iceberg. These “downtime” expenses don’t necessarily account for the longer-term, hard-to-quantify expenses, such as reputational damage, or what Hay refers to as “reactionary investment in new security technologies.” According to ITProPortal contributor Kowsik Guruswamy, the security tools that organizations will leverage following a ransomware (security operation centers, disaster recovery platforms, knee-jerk cybersecurity purchases, etc.) can cost millions of dollars over the course of a year. With tens of thousands of dollars that have already been spent on the ransom, downtime and reputational impact, remediation shouldn’t have to incur another million dollars in losses.
How to Preempt These Expenses
“Come up with a cybersecurity strategy that has a low total cost of ownership.”
The most effective way to prevent having to shoulder all of these expenses is to plan ahead. More specifically, try to come up with a cybersecurity strategy that has a low total cost of ownership. A good place to start is by investing in system restore software that has reboot to restore functionality. The immediate, day-to-day benefit of the ability to restore system configurations upon a computer restart is quick IT troubleshooting for glitches.
On top of that, reboot to restore functionality is an effective ransomware remediation tool. Infected machines can simply be restarted, resulting in a rollback to the pre-configured, ransomware-free settings. No ransom payments, IT downtime, reputational harm, disaster recovery platforms or ineffectual cybersecurity tools necessary.
To learn more, contact Faronics today.