The Disturbing Facts About Small Businesses That Get Hacked
Small business owners who haven’t considered a thorough cybersecurity plan may soon find themselves without a business to protect. During the course of the global coronavirus pandemic, hackers have become more active and empowered than ever. And small businesses have historically had a difficult time recovering from a major security breach.
Through several catastrophic breaches, cybercriminals have gained access to more small businesses than ever before. It’s no longer a legitimate option to simply react to such attacks. Small business owners need to be proactive with their cybersecurity if they want to survive and thrive.
Security Breaches Can Be Devastating to Small Businesses
According to CNBC, hackers targeted small businesses 43% of the time, which might be due to the fact that only 14% were prepared to defend themselves.
Different reports have rendered different estimates on the cost of these infiltrations, but none are cheap.
Check out this video on the growing costs of cybercrime:
The Hiscox Cyber Readiness Report of 2019 stated that the average cost of a cyberattack on a business was $200,000. That’s certainly a tough pill to swallow. But it pales in comparison to the number created by the Ponemon Institute and IBM.
Their 2020 Cost of Data Breach Report stated that the average data breach cost $3.86 million in 2020. That would be a devastating number for many bigger corporations, let alone a small business.
And the fallout is real.
More Troubling Statistics About Small Businesses & Cybersecurity
According to the National Cyber Security Alliance, a whopping 60% of companies go out of business within six months after falling victim to a data breach. That makes total sense considering the high costs of such a breach. But what’s surprising, and tragic, is that most firms still don’t view cyberattacks as a legitimate threat.
Keeper Security’s 2019 SMB Cyberthreat Study found that 66% of senior decision-makers at small businesses believed they were unlikely to be targeted by criminals.
An Inc.com report drew from data gathered from CEOs of over 1,300 small to mid-size businesses. More than 60% of the firms didn’t have an up-to-date cybersecurity strategy or any strategy at all.
As cybercriminals get smarter and more active, small businesses will need to match their evolution or get left in the dust.
Why Do Data Breaches Cost So Much?
You might be wondering how these reports land on such high figures for the costs of a data breach. It starts with the cost of hiring experts. In most cases, firms will need to conduct a forensic audit to determine how they were infiltrated. Audits can cost anywhere from $10k to over $100k, depending on the size of the business.
In many cases where customer data is leaked, the firms can be fined tens of thousands of dollars for the breach.
Many companies pay the price in time. Each business must conduct a thorough investigation to determine how many people and how many aspects of their company were threatened by the attack. Each individual who may be at risk must be contacted, and that list can get quite large if, say, you own a restaurant and the data from all of your credit card transactions was leaked. If the breach is particularly sinister, aspects of the business may be forced to shut down altogether until the problem is fixed.
Check out this video detailing just how much a major cyberattack can cost:
But perhaps the biggest cost is reputation. In 2019, Deloitte determined that up to 90% of the total costs in a cyberattack occur ‘beneath the surface.‘ These hidden costs can affect businesses years after a breach. They include loss of trust in the business, diminished brand reputation, and increased costs concerning debt financing. And these costs are not covered by any insurance.
And then there are the potential costs of a cybercriminal asking for a hefty ransom in exchange for your leaked files. Although we recommend not paying ransoms, some firms will inevitably make a different choice.
In almost every case, businesses could greatly reduce costs simply by having a plan in place.
How Can You Protect Your Business?
The only way to protect your business is to be prepared. First and foremost, you should consult with a cybersecurity expert (Hacked.com does provide those services). Budget allowing, you should have an expert in place to respond to any type of breach.
But even if you can’t afford to hire a full-time cybersecurity position, there are simple steps you can take to mitigate risk.
- Require long, varied passwords for any sensitive accounts
- Enable two-factor authentication for any sensitive accounts
- Invest in basic cybersecurity training so employees can avoid common pitfalls such as social engineering
- Install and regularly update anti-virus software
- Limit employees’ access to sensitive data
- Conduct regular vulnerability tests and risk assessments
And if you think you’ve been hacked or you just want to get proactive on your cybersecurity journey, don’t hesitate to reach out to us.
Featured image by dp.VUE.images from Shutterstock.com