What do Equifax, Yahoo, and the U.S. military have in common? They’ve all fallen victim to a cyberattack at some point in the last decade—and they’re just the tip of the iceberg. Today’s infographic from Raconteur delves into the average damage caused by cyberattacks at the organizational level, sorted by type of attack, industry, and country.
Rising Cybercrime Costs Across the Board
The infographic focuses on data from the latest Accenture “Cost of Cybercrime” study, which details how cyber threats are evolving in a fast-paced digital landscape. Overall, the average annual cost to organizations has been ballooning for all types of cyberattacks. For example, a single malware attack in 2018 costed more than $2.6 million, while ransomware costs rose the most between 2017–2018, from $533,000 to $646,000 (a 21% increase). Both information loss and business disruption occurring from attacks have been found to be the major cost drivers, regardless of the type of attack:
Malware Major consequence: Information Loss Average cost: $1.4M (54% of total losses) Web-based attacks Major consequence: Information Loss Average cost: $1.4M (61% of total losses) Denial-of-Service (DOS) Major consequence: Business Disruption Average cost: $1.1M (65% of total losses) Malicious insiders Major consequences: Business Disruption and Information Loss Average cost: $1.2M ($0.6M each, 75% of total losses)
In 2018, information loss and business disruption combined for over 75% of total business losses from cybercrime.
Cybercrime Casts a Wide Net
No industry is untouched by the growing cost of cybercrime—the report notes that organizations have seen security breaches grow by 67% in the past five years alone. Banking is the most affected, with annual costs crossing $18 million in 2018. This probably comes as no surprise, considering that financial motives are consistently a major incentive for hackers. Here is the average cost of cyberattacks (per organization) across 15 different industries: Interestingly, the impact on life sciences companies rose the most in a year (up by 86% to $10.9 million per organization), followed by the travel industry (up 77% to $8.2 million per organization). This is likely due to an increase in sensitive and valuable data being shared online, such as clinical trial details or credit card information.
So What Can Companies Do?
Accenture analyzed nine cutting-edge technologies that are helping mitigate cybercrime, and calculated their net savings: the total potential savings minus the required investment in each type of technology or tool. With almost $2.3 million in net savings, many companies recognize the high payoff that comes with security intelligence. On the other hand, leveraging automation, artificial intelligence, and machine learning can potentially save over $2 million—however, only 38% of businesses have adopted this solution so far. Cybercrime will remain a large-scale concern for years to come. From 2019–2023E, approximately $5.2 trillion in global value will be at risk from cyberattacks, creating an ongoing challenge for corporations and investors alike. on But fast forward to the end of last week, and SVB was shuttered by regulators after a panic-induced bank run. So, how exactly did this happen? We dig in below.
Road to a Bank Run
SVB and its customers generally thrived during the low interest rate era, but as rates rose, SVB found itself more exposed to risk than a typical bank. Even so, at the end of 2022, the bank’s balance sheet showed no cause for alarm.
As well, the bank was viewed positively in a number of places. Most Wall Street analyst ratings were overwhelmingly positive on the bank’s stock, and Forbes had just added the bank to its Financial All-Stars list. Outward signs of trouble emerged on Wednesday, March 8th, when SVB surprised investors with news that the bank needed to raise more than $2 billion to shore up its balance sheet. The reaction from prominent venture capitalists was not positive, with Coatue Management, Union Square Ventures, and Peter Thiel’s Founders Fund moving to limit exposure to the 40-year-old bank. The influence of these firms is believed to have added fuel to the fire, and a bank run ensued. Also influencing decision making was the fact that SVB had the highest percentage of uninsured domestic deposits of all big banks. These totaled nearly $152 billion, or about 97% of all deposits. By the end of the day, customers had tried to withdraw $42 billion in deposits.
What Triggered the SVB Collapse?
While the collapse of SVB took place over the course of 44 hours, its roots trace back to the early pandemic years. In 2021, U.S. venture capital-backed companies raised a record $330 billion—double the amount seen in 2020. At the time, interest rates were at rock-bottom levels to help buoy the economy. Matt Levine sums up the situation well: “When interest rates are low everywhere, a dollar in 20 years is about as good as a dollar today, so a startup whose business model is “we will lose money for a decade building artificial intelligence, and then rake in lots of money in the far future” sounds pretty good. When interest rates are higher, a dollar today is better than a dollar tomorrow, so investors want cash flows. When interest rates were low for a long time, and suddenly become high, all the money that was rushing to your customers is suddenly cut off.” Source: Pitchbook Why is this important? During this time, SVB received billions of dollars from these venture-backed clients. In one year alone, their deposits increased 100%. They took these funds and invested them in longer-term bonds. As a result, this created a dangerous trap as the company expected rates would remain low. During this time, SVB invested in bonds at the top of the market. As interest rates rose higher and bond prices declined, SVB started taking major losses on their long-term bond holdings.
Losses Fueling a Liquidity Crunch
When SVB reported its fourth quarter results in early 2023, Moody’s Investor Service, a credit rating agency took notice. In early March, it said that SVB was at high risk for a downgrade due to its significant unrealized losses. In response, SVB looked to sell $2 billion of its investments at a loss to help boost liquidity for its struggling balance sheet. Soon, more hedge funds and venture investors realized SVB could be on thin ice. Depositors withdrew funds in droves, spurring a liquidity squeeze and prompting California regulators and the FDIC to step in and shut down the bank.
What Happens Now?
While much of SVB’s activity was focused on the tech sector, the bank’s shocking collapse has rattled a financial sector that is already on edge.
The four biggest U.S. banks lost a combined $52 billion the day before the SVB collapse. On Friday, other banking stocks saw double-digit drops, including Signature Bank (-23%), First Republic (-15%), and Silvergate Capital (-11%).
Source: Morningstar Direct. *Represents March 9 data, trading halted on March 10.
When the dust settles, it’s hard to predict the ripple effects that will emerge from this dramatic event. For investors, the Secretary of the Treasury Janet Yellen announced confidence in the banking system remaining resilient, noting that regulators have the proper tools in response to the issue.
But others have seen trouble brewing as far back as 2020 (or earlier) when commercial banking assets were skyrocketing and banks were buying bonds when rates were low.