Why should you care about cybersecurity? What will a strong security posture get you that you don’t have right now? Why go to the trouble of spending the money, the time and the effort on strengthening your security posture?
These are good questions and at the root of all the decisions that need to be made for personal or business. These questions are either overtly coming up or they are lodged somewhere in the back of your mind.
A good security posture will cost your company money; it will cost you resources in personnel, management and training. It also will cost you some time out of your busy schedule. These are a given. However, the benefits it will bring to your company and to you personally can be quite significant.
I have written extensively about this in my upcoming book on cybersecurity for management and executives entitled “One False Click: How to protect yourself in the coming cyber war.” It will be out soon and goes into detail on this subject. And in future articles I will go into more specific interventions you can do to help your company. But for now, let’s look at some of the numbers and how it will work in your situation.
I have said about cybersecurity that “no problem facing corporate America is more serious, more widespread and more fixable than cybersecurity.” And I stand by this today as I did years ago. But what we want to look at today is the fixable part. What does it cost to have a major cybersecurity breach and what does it cost to prevent one?
The cost of building a strong cybersecurity posture is not very easy to quantify. From a general standpoint, this can vary from company to company depending on goals as well as current cybersecurity posture. But we do know something about the cost. The average cost of a major breach is estimated by the Ponemon Institute at around $4.5 million per incident. Estimates from Secureworks put the number closer to $7 million, and rising. So when you ask, “what’s in it for me?” it can be a lot.
You don’t own a large business? OK, that’s understandable. Let’s look at the numbers a little differently that the Ponemon Institute also calculates the cost per lost record. The current average cost per record is $217. So if you lose only 1,000 customers or supply chain partner’s records that’s $217,000. That can be significant for a small business. In fact, 60 percent of all small businesses do not re-open their doors after a major cybersecurity breach. They simply could not sustain the loss. If you operate a small business, you also need to be looking at this. In the automotive aftermarket there are many small- and medium-sized businesses.
Where do you want to be?
Think about what your incremental cost would be to bring your security posture up to a strong position. It most certainly will not be in the millions unless you are operating a very large company that is way behind on your cybersecurity posture.
But if you are in this position you have much bigger things to worry about. On an average the companies I work with normally see returns of 20 or 30 to one in the cost of putting a cybersecurity posture right compared to doing nothing and suffering a major breach. In addition to this, you have to deal with the loss of customers, loss of members in your supply chain and your valuable reputation. All this results in the critical loss of trust, which is the most difficult loss to fix.
So there are lots of reasons – monetary, reputation, trust and negative publicity – about why you should care about cybersecurity. In the automotive aftermarket business, supply chain trust is critical. But with a little work and the guidelines I will continue to lay out in this column going forward, you can get on the road to safety and security.
Remember that there is always help available. It’s not a lost cause, because there is something you can do about it. Look to your trusted advisors both inside and outside your company. Security services companies also can be helpful. Perhaps even your peers can help you understand what they are doing to protect themselves. We will be talking about all of these in the future. These are good resources to get you on your way to a secure posture.
Subscribe to Aftermarket Business World and receive articles like this every month….absolutely free. Click here.