printer friendly version

Survey highlights cost of cyberdamage to industrial companies

The majority of industrial organisations estimate their financial losses caused by cyberattacks to be over $1 million, while almost one in four report losses exceeding $5 million, and for some, it surpasses $10 million. These findings were revealed in a joint study conducted by Kaspersky and VDC Research.

The study titled "Securing OT with Purpose-built Solutions", provides an in-depth analysis of the current state of operational technology (OT) cybersecurity. Based on a survey of over 250 decision-makers from energy, utilities, manufacturing, transportation and other sectors, the study offers valuable insights into the key business and technical trends affecting industrial organisations, as well as the most effective strategies being implemented to address these challenges.

The research underscores that the financial impact of an OT cybersecurity breach is both complex and multifaceted. Organisations must consider a wide range of costs, including lost revenue opportunities, unplanned production downtime, scrap and loss of work-in-progress inventory, and damage to equipment or property. Beyond these costs, the total financial burden also encompasses direct breach-related expenses such as incident response — whether handled internally or by third-party providers — and ransom payments.

When accounting for all these factors, nearly 25% of survey respondents estimated that each cyberattack could result in damages exceeding $5 million over a two-year period. The distribution of these costs varies significantly across organisations and incidents, but generally impacts multiple departments and influences both revenue and profitability.

The report details that incident response accounts for approximately 21,7% of total breach-related expenses, followed by lost revenue at 19,4%, unplanned downtime at 16,9%, equipment or property repair and replacement at 16,8%, ransom payments at 12%, and scrap or loss of work-in-progress inventory at 11,9%. Notably, unplanned downtime emerges as one of the most significant costs – 70% of respondents reported that such outages typically last between four and 24 hours. These disruptions can lead to substantial revenue losses, internal process bottlenecks and diminished customer confidence, highlighting the critical importance of robust OT cybersecurity measures.

“Unplanned downtime can cost organisations millions of dollars, making it a critical issue for industrial and manufacturing companies. While maintenance-driven strategies to combat unplanned downtime help, strengthening cybersecurity is essential to prevent breaches that lead to costly equipment failures and outages. Ignoring cybersecurity risks undermines efforts to eliminate downtime and protect profits,” comments Andrey Strelkov, head of Industrial Cybersecurity Product Line at Kaspersky.

Kaspersky offers a distinctive ecosystem for OT customers, combining enterprise-grade technologies, expert knowledge and extensive expertise. At the heart of this ecosystem is Kaspersky Industrial Cybersecurity (KICS), a native XDR platform designed for protection of critical infrastructure and industrial enterprises. KICS provides end-to-end infrastructure coverage, safe response measures, centralised asset management, risk assessment and auditing capabilities, while also supporting scalable security across complex, distributed environments through a unified platform.

To read the full whitepaper “Securing OT with Purpose-built Solutions”’, please visit the website.

Share this article:

Further reading: