New report from AVORD reveals retailers are at risk from inflated costs
January 2019 by AVORD
The shockingly high cost of protecting against cyberattacks has been revealed, with the retail industry forking out around £1.51bn annually to combat the growing threat of data breaches and system outages.
Research from AVORD – a revolutionary new security testing platform that launches today – reveals 185,757 (92%) retailers have seen an increase in the number of data breaches over the last five years. And eight in 10 now say that data loss will be one of their biggest security challenges in 2019.
Opportunistic multi-national consultancies are being blamed for inflating the price of security testing in the UK, with many retailers being charged inflated prices to conduct tests on their critical assets. And with retailers already experiencing challenging times in the lead up to Brexit, the prohibitive cost of conducting security tests could leave them vulnerable to an increase in data breaches.
Consultancies taking advantage
Today’s findings put the spotlight firmly on the security testing market, which is dominated by consultancies who provide services to businesses, sometimes at twice the daily rate of an independent tester – often referred to as ethical hackers. With 76% of UK businesses claiming the cost of testing is too expensive, there is a clear demand for change.
Almost two thirds of retailers currently outsource the security testing on their critical assets. The need to use consultancies being driven by a skills shortage, with two in three (67%) businesses revealing that they don’t fully possess the in-house, employee skills and knowledge to carry out security testing.
A surge in cybercrime
Worryingly, a quarter of UK retailers (24%) have battled an online security breach in the past 12 months, which have directly hit their bottom lines, lost them customers and damaged their brand reputations. Of those hit by a cyberattack, 87% reported that the breach occurred partly as a result of issues with the security testing process.
Over the past five years, the majority of companies have seen a major increase in the number of data breaches: one in five reported an increase of between 11% and 20%, while more than a half reported up to 10% more data breaches.
The true cost of cyberattacks
As new emerging technologies are deployed, and applications increasingly underpin core business processes, firms across the UK claimed that cybercriminals are creating new ways to exploit vulnerabilities, which is putting increased stresses on them at an already challenging time.
The impact of breaches in the past 12 months has been wide spread. 79% of those affected reported losing customers, while two in three (62%) had to pay legal fees. In addition, 58% experienced reputational damage and the same number were hit by fines from regulators.
Surprisingly only a half (51%) of retailers believe it is essential to ensure their solutions are secure before they come to market, the lowest of all sectors surveyed.
A new era in security testing
AVORD, which launches today, promises to slash the price of security testing, with its free online platform bringing 1000s of highly qualified security testers together with UK businesses. The brainchild of two career security professionals, who have seen the market monopolised by major consultancies, it will enable companies to reduce their costs by at least 30-40%.
The unique online security testing platform cuts out the expensive middle men, ensuring that retailers of all sizes can protect their businesses against future threats. Free to use, AVORD provides automated scheduling and tracking of security tests, delivering an instant view of all tests across an estate through a fully interactive risk and reporting dashboard.
Brian Harrison, founder and CEO of AVORD, commented: “Quite simply, security testing has become too expensive for many UK businesses. Companies are struggling to cope with the ever-increasing threats impacting on their attempts to secure systems at current costs. Unless something changes, businesses will be forced to cut corners, and this will inevitably mean there are more data breaches and system outages.
“AVORD has been designed to disrupt the current security testing model by cutting out the costly ‘middle-man’ consultancies and allows businesses to directly manage and engage security testers. This means that whereas industry currently pays up to £1,100 per day for cybersecurity testing, that cost will be reduced to approximately £600, collectively saving the UK retail sector more than £600m annually.”