Email is the biggest threat for businesses… but the greatest opportunity for the channel

It’s never been clearer; email is the number one way for criminals to enter the network, with four out of five (80%) end-user organisations facing this type of attack during the past year according to our research. In a world where email has become the default communication tool, it’s also a gateway into any business, regardless of size or sector.

The immediate effects of becoming a victim to email-based attacks are typically financial. Our research suggests that end-user perception is that these costs are also rising. The vast majority of survey respondents (72%) felt that the cost of email related breaches was increasing, with nearly a fifth claiming costs have escalated dramatically.

But of the 30% of respondents who admitted falling victim to ransomware, just 19% paid the attackers for the key to unlock their files and systems. So how then are costs of attacks increasing? It’s because of hidden costs.

These hidden costs are extremely hard to prove, but they could have big effects for how the channel sells cyber security solutions to businesses. So, what are these costs and what might they mean for the channel?

Our research shone alight on these indirect costs, and brings to the fore the true ramification of an email cyber-attack on businesses.

Unsurprisingly, almost two thirds (65%) of respondents cited that attacks distract IT teams from other priorities. However, the disruption of employee productivity in general was an issue for just over half (52%). The reputation and remediation costs of stolen information were also identified by 44%.

Lost productivity and business interruption certainly hits organisations’ bottom lines and combined with reputation clean up, you can see where the costs of increasing attacks are mounting up.

Traditionally, the IT decision maker has been the entry point for the channel, and the one to wax lyrical about ‘cost efficiencies’ and the time-savings that can be made with the latest cyber security solution.

After all, they are the individuals dealing with the solutions that you sell day in day out. Yet, they are not the only ones affected by these attacks; just ask their HR, finance and marketing departments.

It’s the finance decision makers that IT decision makers have to go to cap in hand ransomware payments. And it’s the finance team that has to sign off the purchase order for a crisis communications agency. It’s marketing that is responsible for implementing the crisis communications strategy and repairing the holes in a company’s reputation. Even heads of sales departments will be keen to keep distractions to a minimum and maintain their customers’ trust in the company. It’s HR who gets complaints around diminishing productivity.

For smaller organisations it’s the managing directors and senior team who will be most interested in cyber-security to stop their reputation from being shattered and profit draining away.

Ultimately, as an industry, we need to open people’s eyes to these hidden costs and make them much more common knowledge. These additional costs can be incorporated into ROI breakdowns when presenting to a client, for instance, lost productivity and increased marketing and PR spend on rebuilding the company's reputation should an attack be made public.

By showing that your solution solves problems for the entire company rather than just the IT team, value is added that is usually beyond the returns expected by most companies. And of course it stands to reason that partnership value also increases which in turn increases business opportunities.