A large-sized organisation in India incurs an average of $10.3 million in economic losses due to cyberattacks, according to a Frost and Sullivan study commissioned by Microsoft.
The study also said cyberattacks cost a mid-sized organisation an average of $11,000 in economic losses.
“Cybersecurity attacks have also resulted in job losses across different functions in more than three in five (64%) organisations that have experienced an incident during the survey period,” it added.
The study ‘Understanding the Cybersecurity Threat Landscape in Asia Pacific: Securing the Modern Enterprise in a Digital World’ surveyed 1,300 business and IT decision makers ranging from mid-sized organisations (250 to 499 employees) to large-sized organisations (more than 500 employees) from 13 markets, including India. It found that more than three in five organisations (62%) surveyed in India have either experienced a cybersecurity incident (30%) or were not sure if they had one as they had not performed proper forensics or data breach assessment (32%).
Keshav Dhakad, group head and assistant general counsel, Corporate, External & Legal Affairs at Microsoft India said, “With traditional IT boundaries disappearing, the adversaries now have many new targets to attack. Companies face the risk of significant financial loss, damage to customer satisfaction and market reputation — as is evident from high-profile breaches this year.”
The survey factors in three kinds of losses that could be incurred due to a cybersecurity breach — direct (financial losses associated with the incident), indirect (the opportunity cost to the organisation such as customer churn due to reputation loss), and and induced (impact on the broader ecosystem and economy, such as the decrease in consumer and enterprise spending).
“Although the direct losses from cybersecurity breaches are most visible, they are but just the tip of the iceberg,” Benoy C.S., director and business unit head — digital transformation practice, middle east, North Africa and South Asia, Frost & Sullivan said. “There are many other hidden losses that we have to consider from both the indirect and induced perspectives, and the economic loss for organisations suffering from cybersecurity attacks can be often underestimated,” he added.