Let’s begin with a cold, hard fact. If a business has been targeted by cybercrime from an outside source, there is a 68 percent chance that another attempt to access their network will come within one year. This statistic comes from Crowdstrike, a cybersecurity solutions provider. Despite this reality, there seems to be a perception that there’s some unwritten rule somewhere that a company can only be attacked once.
Let’s go over this discrepancy, and what it means your business needs to do.
Why Breaches are Commonly Seen as One-Off Events
Before we get into the data, let’s tackle the crux of the matter. Too many businesses seem to have the idea that, if they are successfully breached by a cyberattack at some point, they are somehow immune to all cyberattacks from that point forward.
This isn’t the case, especially as we just outlined a statistic that does just that. Instead, let’s consider why the opposite is such a popular outlook.
There’s the Misconception that Most Disasters Are Freak Events
Consider it for a moment: Many disasters we go over when we discuss business continuity planning, such as hardware failure and lightning strikes, are often considered “freak events.” They’re those moments when circumstances happened to line up just right or wrong, depending on how you look at it.
However, this simply isn’t the case. Take hardware failure, for instance. There’s actually a formula meant to help manufacturers recommend inspection and replacement rates for specialized systems, like aircraft guidance systems. These failures are rare, but need to be anticipated, and so are expressed by calculating the mean time between failures (MTBF):
- Basically, you run an identical experiment on a set number of test cases, for a set amount of time, marking how long it takes for each test case to fail. Any that don’t fail simply get the duration of the test for that value.
- You then add up the amount of time each one was operational (including those that didn’t fail) and divide that total by the number of test cases that failed during the experiment.
- At that point, you have the average number of times that the test cases failed during the experiment, which you can then convert to a more meaningful timeframe to reference.
This doesn’t mean that the hardware won’t fail sooner or may not fail for some time after the MTBF passes. It’s the average estimate, which means there can — and will — be outliers.
This Principle Applies to a Lot of Things
The same can be said of weather events. Contrary to the old saying, lightning does in fact strike twice. The Empire State Building website says that the iconic building is struck about 25 times a year. Consider Roy “Human Lightning Rod” Sullivan, who was struck by seven lightning strikes between 1942 and 1977 and survived each time.
The thing about chance is that it’s a numbers game, and different variables that apply to your business will influence these numbers differently. All most disasters are is the culmination of the right variables that contribute to a specific result.
Cybercrime, by comparison, works differently.
Why Cybercrime is Different
Returning to Crowdstrike’s data and the 68 percent chance of a second attack following a first, it only makes sense. Cybercriminals and the algorithms and strategies they utilize actively target low-hanging fruit. Businesses that were already breached once would certainly qualify as such in the eyes of the opportunistic cybercriminal looking to maximize their return for their efforts.
Fortunately, in the case of Crowdstrike’s data, those businesses attacked for a second time managed to prevent a second breach.
What This Means for Your Cybersecurity
Frankly, if you’ve already been targeted by cybercriminals before, there’s an excellent chance it will happen again. This means you need to ensure that your cybersecurity is comprehensively locked down — especially, but not limited to, the vulnerability that let in the threat the first time.
The same really needs to be said for businesses that have not yet been breached. Complacency is not your friend in terms of cybersecurity, so it pays to be proactive and prepare to rebuff any incidents that you can.
Advisors Tech can help with our comprehensive cybersecurity protections and our monitoring services. Not only will we make it more difficult for threats to get in, but we’ll also keep an eye on your infrastructure to quickly catch those that do. Reach out to us at 844.671.6071 to find out more.