Cybercrime is a frequent occurrence in today's world. Hackers attack every 39 seconds, meaning a cyber attack takes place 2,244 times a day. According to IBM’s Cost of a Data Breach Report 2023, the average cost of a data breach on a global scale was an estimated $4.45m in 2023.

Despite the intensity of attacks, 77% of security and IT professionals worldwide indicate they do not have an incident response plan applied consistently throughout the company.

This may negatively impact the amount of time it takes to identify and contain a breach, which in turn increases the cost of a breach.

The average time to identify and contain a breach in 2023 was 204 days. However, research by the Ponemon Institute, a US research centre dedicated to privacy, data protection and information security policy, indicates a breach with a life cycle under 200 days costs $1m less than one with a lifecycle of more than 200 days.

The situation for businesses is further complicated by the challenges and increased vulnerabilities that have been brought on by the growing use of remote working across the globe in recent years.

According to research by the Ponemon Institute, 76% of respondents whose companies have shifted to remote work expect that working from home could increase the time it takes to identify and contain a data breach. Additionally, 70% of respondents expect that remote working could increase the cost of a data breach.

There is a disconnect between business' experience and concern about cyber security threats, and their understanding and ability to implement effective preventative measures.

• A lack of dedicated IT security staff, as well as difficulty recruiting cyber talent
• Insufficient planning for and response to cyber incidents
• A failure to identify weaknesses, or uncertainty about where to begin
• Underestimation of cyber security risks
• Limited understanding of their own cyber security posture

The reality of cybercrime is that it's more likely a case of when and how bad an incident will be for an organisation, rather than if it will occur.

And while you can't control when an attack will happen, you can limit its impact through effective preparation and a detailed incident response plan.

Three of the most common cyber threats to organisations of all sizes are malware, phishing, and ransomware.

1. Malware
   Malicious software, including viruses, spyware, trojans and worms, designed to access important information, take control of a person's computer or spy on them.
2. Phishing
   The use of fraudulent emails to trick victims out of money or information, or into downloading malware. The emails will mimic individuals or organizations that the person knows and trusts.
3. Ransomware
   A type of malware that locks down your computer or files until a ransom is paid. They usually gain access via a legitimate-looking email link or attachment and often ask for payment in cryptocurrencies.

While every organisation should prepare for cyber threats such as these, this is especially important if your business falls into one of the most at-risk industries for cybercrime: healthcare, manufacturing, financial services, government agencies, and education.

These industries are highly targeted for several reasons, including the personal data and intellectual property they hold, the amount of money they handle and the impact that their service disruption could have on a society or State.

It's important to first review preventative measures when looking to reduce the risk of a cyber attack. However, the likelihood of businesses experiencing a cyber incident is high, so effective risk management must also include a cyber incident response plan and team.

To learn more or read NCC Group’s Guide to Incident Response Planning, visit NCC Group.