Cybercrime is no longer a new phenomenon. The zeal with which cybercriminals have committed these offenses in the past has led to an outcry from businesses and organizations. Cybercriminals are constantly on the prowl for new sites to attack. They are continuously improving their methods of attack. To make matter worse, this type of crime is very difficult to solve. The attacks themselves become more sophisticated as the days go by. Many experts are searching for real solutions; permanent solutions.
The threat to small businesses
While many organizations have put in place various measures to prevent this crime, a look at the statistics reveals that only large organizations are really doing everything they need to do. Smaller companies either think they can’t afford good protection or don’t need it. The best protection from cyber breaches is expensive. It requires training for employees, risk assessment, and the installation of a good array of programs that can detect and prevent intrusion. There are ways that small businesses can get the same top-notch protection as a large organization. And, it is imperative that they do so. A big data breach could cost your company millions of dollars. Most experts say that it’s not a matter of IF you get attacked; it’s just a matter of WHEN.
How real is the threat?
The threat of a cyberattack is a lingering one despite the amount of protection that one invests in. That’s because the nature of this crime is to evolve with each new attack. This is why most business owners prefer to invest in protection services with the ability to detect cybercrime before it occurs. The Verizon Data Breach Investigation Report shows that the threat of cyberattacks on small businesses is much greater than small business owners anticipate. This group states that up to 61% of cyber security breaches were experienced by small businesses last year. This was an 8% rise from 53% in the previous year.
Cost of cyber-attacks on small businesses
While small businesses fail to invest in protection systems because of the costs, it is noteworthy that the amount of money lost as a result of cyberattacks is considerably higher. The ransomware attack is a great example of this fact. One ransomware attack can stop your workforce in its tracks. Your data will be locked until you pay. Some thieves threaten to release your internal documents to the public. This caused a huge amount of embarrassment for Sony Pictures after their 2014 data breach. The North Koreans took responsibility for this breach, claiming that they did not like a movie that Sony was about to release where the North Korean dictator was to be made fun of.
In the end, the damage to Sony was more about being embarrassed before the whole world. Sony’s reputation was severely damaged. Though large companies like Sony can survive an attack like this, small companies cannot. A new study shows that cyberattacks cost on average, $38,000 per attack. Below are a few other stats pertaining to small businesses and data breaches:
23 percent lost business opportunities after an attack.
29 percent lost revenue; 38 percent of those lost more than 20 percent.
22 percent of businesses lost customers; 40 percent lost more than 20 percent of their customer base.
In some cases, small businesses must close their doors within a few months of the attack. Small business owners are only just realizing how vulnerable they are. This is due to the fact that most small businesses are an easy target for hackers. They simply don’t have sophisticated enough data protection programs in place.
What can you do about it?
The first step for any small business is to invest in effective cyber security software. These should be installed on all computers and mobile devices. The second step is to install a remote computer backup. Always have recent copies of your database stored somewhere offsite. A remote computer backup makes recovery of data much simpler.
A third step is to test your data security systems and procedures regularly. This can be easily done through a gap analysis. A gap analysis will enable the business owner to know how effective the data protection system really is. It takes into consideration the detected threats and compares these with the protection system. It is also sensible to develop a data breach response plan. This should include a communications response plan.
Proper response in cases of data breach can save a company millions of dollars and protect customers. A good response plan can let everyone including stakeholders know what’s going on. The sooner your employees know what’s happening, the sooner they can shut down their computers and mobile devices so that the virus can’t spread. All computers and devices with company data should be disconnected from the network until the issues are resolved.
Cyber liability insurance can also come in handy in case of attacks. As we have noted, up to 60% of small businesses which experience cyber-attacks are forced out of business within six months of the attack. Cyber liability insurance will protect your assets.
Small businesses are currently attractive to cybercriminals because of their lack of protection. When it comes to cyber security, it should be noted that prevention is definitely the best route. Though many prevention measures appear costly, it can save your company from going through a nightmare that will be expensive and damage your reputation.
Brian Gray, MCP, is the President at Kraft Technology Group, LLC (KTG), an affiliate of KraftCPAs PLLC. Within his role, Brian is responsible for all aspects of service delivery to our clients. Brian has a decade of experience working for managed service providers. He has worked with clients in a variety of industries, including financial services, accounting, legal, healthcare, manufacturing, and retail.