Man in dark hoodie with the words "data breach" written in red"

4 reasons your SMB should be concerned about a data breach

Data breaches don’t just cause financial losses – they damage reputations and frustrate small businesses. Recent studies show that over 47% of SMBs experienced a cyber attack in the last year, and around 44% suffered multiple attacks. Here’s why this should matter to you. 

Why data breaches should concern small businesses

A 2019 Investigations Report by Verizon confirmed that nearly 60% of cyber attacks affected SMBs. It doesn’t matter how small or new your business is – every single enterprise is vulnerable. Here’s why.

Downtime and recovery

Only 52% of SMBs have a cyber security strategy, according to a 2018 Hiscox report. This is worrying because recent studies show that 40% of SMBs who experience data breaches go offline for 8 hours or more. This may have severe financial consequences for small businesses and startups.

Reputation damage

SMBs may struggle to recover from any goodwill or reputation lost through data leaks. If customers lose faith in a new or small business, the financial impact is severe. This is especially true if hackers gather credit card or financial information, such as what happened to Uber and Equifax.

Financial cost

An authoritative 2018 Cisco Study revealed that around 54% of attacks cost businesses more than $500,000. Costs don’t have to reach these levels to be devastating for SMBs. The average cost of cyber security breaches to SMBs in North America is $120,000, with recovery costs amounting to around $149,000.

Human error

It’s estimated that, while hackers are a problem, most data breaches affecting SMBs occur because of employee negligence. 47% of SMBs have experienced a data breach because an employee made a careless error.

Additionally, the recent Hiscox report showed that only 32% of SMBs surveyed assessed employee competency at preventing data breaches. These are worrying statistics.

How cyber criminals choose their targets

Hackers want to cause the most damage, or make the most money, as easily as possible. Here’s how they choose their targets

C-suite executives

Hackers target CEOs or CFOs because these are busy individuals who receive lots of email correspondence. Hackers use phishing techniques to impersonate legitimate colleagues, and they convince C-suite executives to provide sensitive business data to them.

This is a very insidious form of data breach and it can be difficult to spot. Unsurprisingly, it’s on the rise and it accounts for over 78% of cyber espionage studied in recent reports.

Financial motivation

Verizon’s recent report shows that, out of 41,686 security incidents and 2,000 data breaches, over 70% were financially motivated. Harvesting large amounts of data and selling it somewhere like the dark web is, unfortunately, an easy way for hackers to make money.

New businesses

New businesses are vulnerable to a cyber attack. This is primarily because startups have less capital to invest in cyber security protection. Combined with the large amount of sensitive data that a startup may hold, they’re an ideal target for hackers.

New sectors

Cyber criminals are targeting different sectors now. In late 2018, it was reported that industries with typically lower risk profiles, such as oil & gas and shipping, are now more prone to hacking attempts. Maersk, for example, recently replaced 45,000 PCs and 2,500 applications because of a security breach.

Conclusion

The bottom line is that SMBs are at a greater risk of cyber attack than ever before. Our advice? Review your cyber protection solutions, ensure your staff are fully trained on the latest cyber threats, and improve your general data security.