Ransomware Costs

Ransomware is everywhere, and this is how much it’s costing you.

A recent study by the company ThreatConnect found that the cost of recovering from a ransomware attack, including for small businesses, is as much as 30% of operating income. While IBM puts the average data breach cost at $4.82 million, that number never really resonated with small businesses. Now, however, we can think about the financial damage in terms we can all relate to - operating income. But it gets worse: for the healthcare industry, there's an added layer of financial costs, and those come in the form of HIPAA penalties. Sadly, as many who have experienced a ransomware attack can attest, it's in the reputational harm - the part where you have to notify all of your patients - that the real costs are incurred.

Good thing ransomware attacks are on the wane, right? Wrong. In March alone, according to the research firm NCC Group, ransomware attacks increased 91%, a 62% increase over last March.

So that begs the question: if a ransomware hit is going to cost you 30% of your operating income, and ransomware is once again increasing, what are you actively doing to ensure you are as protected as possible? We speak with small businesses every day who still maintain what's known as a break-fix relationship with their IT company. In other words, when something breaks, they call their IT; otherwise, their IT isn't involved. Does this sound like you? Aside from the fact that a break-fix relationship makes it almost impossible to achieve and maintain HIPAA compliance, it also leaves you exposed to attacks. Why? Because you don't have anyone proactively managing your network.

If you're in healthcare, it's the difference between preventative health and reactionary health. Obviously it's far more beneficial, and cost-effective, to manage healthy patients and keep them ahead of potential diseases. IT management works the same way. And just as a debilitating disease can take down a patient, so too can a ransomware attack.

Treat your technology the way you wish your patients would treat themselves. We're here to help. Cost-effective cybersecurity and HIPAA compliance built for small businesses by a fellow small business. Call us to see how we can save you from a 30% hit to your operating income.

If you have any questions or are concerned about your organization's cybersecurity, call us at (949) 474-7774. We'll be happy to help.

For more HIPAA information, download our ebook - The Ultimate HIPAA Compliance Handbook.

The HIPAA Security Rule requires you to implement a security awareness and training program for all members of your workforce (including management). Have your team sign up for our weekly HIPAA Security Reminders to help stay compliant.


HIPAA Security Reminders


HIPAA Security Suite has developed a weekly HIPAA Security Reminder series that’s FREE for all of us who are responsible for, or engaged in, the use and protection of PHI.

Pursuant to Section 164.308(a)(5) of the HIPAA Security Rule, the Standard states: Implement a security awareness and training program for all members of its workforce (including management).

This standard is part of our Best Practices Recommendations for HIPAA Security Suite users, but it’s available for FREE to anyone who wants to comply with HIPAA using the easiest, best tools available.
