We're a Baker Tilly network member
Learn more
Cyber security – the numbers you need to know Part 2
Article

Cyber security – the numbers you need to know Part 2

There has been a significant increase in ransomware attacks in Australia in the past year, with a survey indicating the majority of Australian businesses being targeted.

Around the world the cost to business is staggering and huge gains can be made off the back of a miniscule investment on behalf of the cyber criminals. These are the numbers you need to know in order to act now.

1. Two-thirds: the proportion of Australian businesses that have reported a ransomware attack

2020’s annual survey from Crowdstrike shines an alarming spotlight on the prevalence of ransomware with 2 in 3 Australian organisations suffering a ransomware attackUnfortunately, Australia has lacked good data on the number of attacks in part because of the murky legal nature of paying cyber criminals.  Insurers are however increasing their premiums and lowering limits in a response to this growth while the Australian government is proposing mandatory ransomware reporting and making directors personally liable for cyber attacks. 

2. US$136,576: The mean amount paid in ransomware payments in Q2 2021

The good news is that the average amount businesses pay to lift ransomware restrictions is falling. The bad news is that the falling payment price likely reflects the large number of ‘competitors’ in the ransomware marketdiluting the impact of the larger players. The median payment in Q2 was US$47,008, down nearly 40% from Q1. Despite this, the average downtime caused by a ransomware attack was 23 days  long enough to have a much bigger impact on the company’s bottom line and, often more important, their reputation 

3. $66: the tiny cost to criminals of ransomware tools

The market for ransomware is huge, and we have seen the emergence of ransom-as-a-service as well as DIY tools for cyber criminals on sale for as little as $66 using stolen or brute-forced credentials that can cost just $20.

Last week we focused on the three key numbers you need to know about the causes and costs of cyber security breaches, which you can read more about here.

All businesses regardless of size or industry should be focused on cyber security. It is a business risk, not an IT problem, and it’s important to have preventative measures in place and an incident management plan ready to follow in the unfortunate circumstance that a breach happens.

Looking for more? You can read part one and part three in this series.

This content is general commentary only and does not constitute advice. Before making any decision or taking any action in relation to the content, you should consult your professional advisor. To the maximum extent permitted by law, neither Pitcher Partners or its affiliated entities, nor any of our employees will be liable for any loss, damage, liability or claim whatsoever suffered or incurred arising directly or indirectly out of the use or reliance on the material contained in this content. Pitcher Partners is an association of independent firms. Pitcher Partners is a member of the global network of Baker Tilly International Limited, the members of which are separate and independent legal entities. Liability limited by a scheme approved under professional standards legislation.

Our experts

Andrew Beitz

Andrew Beitz

Principal Adelaide
Norman Thurecht

Norman Thurecht

Partner Brisbane
Rob McKie

Rob McKie

Partner Melbourne
Scott Edden

Scott Edden

Partner Newcastle and Hunter
Adam Irwin

Adam Irwin

Managing Partner Sydney
Pitcher Partners insights Get the latest Pitcher Partners updates direct to your inbox

Thank you for you interest

How can we help you?

Business or personal advice
General information
Career information
Media enquiries
Contact expert
Become a member
Specialist query
Please provide as much detail to ensure appropriate allocation of your query
Please highlight a realistic time frame that will enable us to provide advice within a suitable and timely manner. Please note given conflicting demands with our senior personnel, we will endeavour to respond to you within the nominated time frame. If you require an urgent response, please contact us via [email protected] or 03 8610 5477.
CPN Enquiry
Business Radar report
Student careers 2021-22
Find an expert
Search by industry