A cyber-incident inflicts damage beyond just downtime and recovery costs. A breach can spell disaster for a company’s image, leading to devaluation, lost business, high turnover, and even bankruptcy in extreme cases. However, a breach isn’t the only cyber-threat lurking in the business sector.
Some 74% of organizations face outages due to expired certificates, and the average total cost of downtime is a whopping $67.2 million per company over two years, according to new research by the Ponemon Institute. Damage to trust and reputation aggravate the blow, the survey has found.
Ponemon, which conducted the study for Keyfactor, included responses from hundreds of IT security practitioners in US critical industries like financial services, healthcare and medical devices, retail and automotive. Researchers found that, as information security budgets grow and funds are allocated to cyber-resilience, many companies continue to overlook the critical importance of digital certificate management.
According to the report, the average company manages over 83,000 digital certificates to encrypt data and authenticate servers, but 71% of IT pros say their organization does not know exactly how many keys and certificates it has. This gap makes it imperative to measure the cost of unsecured digital identities.
Almost three quarters of respondents say digital certificates cause unanticipated downtime or outages at an average cost per organization of more than $11 million annually. Ponemon attributes the $67.2 million total cost of downtime and outages (from multiple factors) per company over two years to “system administration and support time, lost productivity, immediate revenue loss and diminished brand reputation.”
The vast majority (73%) of IT pros surveyed by Ponemon believe that failing to secure keys and certificates undermines the trust their organization relies upon to operate.
Recent research by eSecurity Planet supports some of these findings, in that businesses are warming up to the idea of increasing their cybersecurity budgets for fear of breaches.