Data breaches don’t just cause financial losses – they damage reputations and frustrate small businesses. Recent studies show that over 47% of SMBs experienced a cyber attack in the last year, and around 44% suffered multiple attacks. Here’s why this should matter to you.
Why data breaches should concern small businesses
A 2019 Investigations Report by Verizon confirmed that nearly 60% of cyber attacks affected SMBs. It doesn’t matter how small or new your business is – every single enterprise is vulnerable. Here’s why.
Downtime and recovery
Only 52% of SMBs have a cyber security strategy, according to a 2018 Hiscox report. This is worrying because recent studies show that 40% of SMBs who experience data breaches go offline for 8 hours or more. This may have severe financial consequences for small businesses and startups.
SMBs may struggle to recover from any goodwill or reputation lost through data leaks. If customers lose faith in a new or small business, the financial impact is severe. This is especially true if hackers gather credit card or financial information, such as what happened to Uber and Equifax.
An authoritative 2018 Cisco Study revealed that around 54% of attacks cost businesses more than $500,000. Costs don’t have to reach these levels to be devastating for SMBs. The average cost of cyber security breaches to SMBs in North America is $120,000, with recovery costs amounting to around $149,000.
It’s estimated that, while hackers are a problem, most data breaches affecting SMBs occur because of employee negligence. 47% of SMBs have experienced a data breach because an employee made a careless error.
Additionally, the recent Hiscox report showed that only 32% of SMBs surveyed assessed employee competency at preventing data breaches. These are worrying statistics.
How cyber criminals choose their targets
Hackers want to cause the most damage, or make the most money, as easily as possible. Here’s how they choose their targets.
Hackers target CEOs or CFOs because these are busy individuals who receive lots of email correspondence. Hackers use phishing techniques to impersonate legitimate colleagues, and they convince C-suite executives to provide sensitive business data to them.
This is a very insidious form of data breach and it can be difficult to spot. Unsurprisingly, it’s on the rise and it accounts for over 78% of cyber espionage studied in recent reports.
Verizon’s recent report shows that, out of 41,686 security incidents and 2,000 data breaches, over 70% were financially motivated. Harvesting large amounts of data and selling it somewhere like the dark web is, unfortunately, an easy way for hackers to make money.
New businesses are vulnerable to a cyber attack. This is primarily because startups have less capital to invest in cyber security protection. Combined with the large amount of sensitive data that a startup may hold, they’re an ideal target for hackers.
Cyber criminals are targeting different sectors now. In late 2018, it was reported that industries with typically lower risk profiles, such as oil & gas and shipping, are now more prone to hacking attempts. Maersk, for example, recently replaced 45,000 PCs and 2,500 applications because of a security breach.
The bottom line is that SMBs are at a greater risk of cyber attack than ever before. Our advice? Review your cyber protection solutions, ensure your staff are fully trained on the latest cyber threats, and improve your general data security.