Charity cyber attacks – costs and recovery
18 April 2019
How much could a cyber attack cost your charity and what help might you need to get back on your feet?
With just over 70% of charities in our survey telling us they are fully prepared to deal with a cyber attack, it's interesting that just over half have a cyber security plan in place1. After data breaches, the biggest impact charities identified as a concern following a cyber attack was the cost of putting things right,1 but there is often more to a cyber attack than the cost.
A cyber attack can leave your charity with questions to answer:
- How will you know how many records were lost?
- How will you recover the data?
- What will you do if someone takes legal action?
- How will you defend against another attack?
- How will you protect your reputation?
- legal defence against liability claims
- professional IT and forensic services
- loss of income due to the attack.
How much could a cyber attack cost?
IBM Security and Ponemon Institute examined the costs to companies following the loss or theft of personal data. They found the average cost per lost or stolen record to be £113. Working off the average of £113 as an example, for a charity with 10,000 donor or service user records the cost would come out at a hefty £1,130,000. However, organisations who had an incident response plan in place saved an average of £260,000 per breach2.
Cyber insurance for charities
This is why insurance can be a really important second line of defence. Insurance can help cover these costs and a comprehensive policy will support your charity's longer-term recovery with access to professional help.