Skip to main content
ThreatConnect Acquires Polarity to Transform How Security Uses Intelligence
Press Release
Request a Demo

Cyber Attacks Can Cost Enterprises Up to 30 Percent of Operating Income According to New Research from ThreatConnect

Risk Quantification Research Finds Healthcare, Manufacturing, and Utilities Suffer Long-Term Financial Impact from Major Cyber Attacks

ARLINGTON, Va. – April 18, 2023 – ThreatConnect, Inc, maker of leading threat intelligence operations (TI Ops) and risk quantification solutions, announced today the release of the company’s first risk quantification report, which assessed the financial impact of ransomware attacks on small ($500M), medium ($1.5B) and large ($15B) organizations within healthcare, manufacturing, and utilities. 

“With the National Cyber Strategy coming out of the White House focusing on decreasing cyber risk from critical infrastructure and the new SEC Cyber Proposals, organizations across industries are now being tasked with reporting on cyber risk,” said Jerry Caponera, GM of Risk Quantification, ThreatConnect. “Organizations are finally waking up to the fact that the impact of ransomware and other cyber attacks is more than just a moment in time. The financial implications are far-reaching and create barriers for companies to continue operations after these attacks.”

In this new report, ThreatConnect examined thousands of companies in the healthcare, manufacturing, and utility industries.  Analyzing tens of thousands of losses from around the world, ThreatConnect estimated median hits to operating incomes. Cyber losses can impact a current fiscal year but can also linger and impact current and future fiscal years as costs, including legal fees, settlements, and brand damage, can take time to materialize. 

The staggering results point to the need to continuously quantify cyber risk and prioritize investments in monetary terms. Potential losses due to cyber attacks shift on a regular basis based on changes in attack surface, investments in security defenses, and an evolving business landscape. Because of these changes, it’s important to measure enterprise risk on a continuous basis.


Healthcare organizations are under constant threat of attack as ransomware groups target the industry in an effort to reap quick financial gain. Due to public backlash, some ransomware threat groups stated that they would avoid conducting similar attacks in the future on hospitals and healthcare facilities that put patients’ lives in jeopardy. Despite these claims, healthcare facilities are still highly targeted by ransomware groups, stopping operations and putting patient lives in danger.  As one of the most highly regulated industries, healthcare is still behind the curve when it comes to having a solid cybersecurity posture. 


According to a recent IBM report, manufacturing was the most targeted sector for ransomware cyber-attacks and the most extorted industry in 2022. Ensuring that systems and processes are running optimally is critical to the success of manufacturing companies, the economic success of nations, and consumers who depend on the goods produced for everyday life. Ransomware attacks on manufacturing companies tend to cause operational disruptions, which can cascade through supply chains and into the broader economy. 


Hackers are increasingly exploiting utility companies that provide the energy needed to power our economies and enable most of what we use daily.  Ransomware attacks, such as that on Colonial Pipeline in the US and Volue ASA in Norway, show an increasing trend where hackers target the smaller and medium-sized utility companies they perceive as easier targets. President Biden’s National Cyber Strategy will increase regulation on utility companies in an attempt to mitigate the increasing threat of a catastrophic cyber attack.

Read the full report at:

About ThreatConnect

ThreatConnect enables security operations and threat intelligence teams to work together for more efficient, effective, and collaborative cyber defense and protection. With ThreatConnect, organizations infuse threat intelligence and cyber risk quantification into their work, allowing them to orchestrate and automate processes to respond faster and more confidently than ever before. More than 200 enterprises and thousands of security operations professionals rely on ThreatConnect every day to protect their most critical systems. Learn more at