Is my business really at risk of a cyber-attack?

High-profile data breaches have become an uncomfortably common part of life in recent years.

Our news is now regularly punctuated by stories about massive retailers, insurance providers, banks and technology companies being hacked. In 2018 alone, there were over 6,500 breach incidents reported that compromised over 5 billion sensitive records — a 500% increase from just 5 years ago.¹

For obvious reasons, incidents featuring an iconic Fortune 500 company and the loss of millions of sensitive customer records generate a lot of press.

While the attention heaped on these mega-breaches does raise overall awareness about the importance of data security, it also reinforces the long-standing fallacy that the threat is primarily isolated to large enterprises.

In reality, nearly half the breach victims are small businesses.² The average direct cost for a single security breach is estimated to be nearly $120,000 for businesses with less than 500 employees.³ This figure doesn’t even account for indirect costs of breach recovery.

That’s not a surprise line item most businesses are equipped to comfortably swallow. In fact, research suggests nearly 60 percent of small businesses that experience a data breach fold within six months.⁴ So even though the big guys get all of the attention, the impact on their bottom line tends to be comparatively small.⁵

Hackers generally target large enterprises because they want their records.

Company records they can sell.
Payment records they can use to buy things
Customer records they can use to steal identities and buy more things.

Smaller businesses have these same valuable records, just in smaller concentrations. What they don’t have is a multi-million-dollar security budget and staff of hundreds dedicated to protecting them. As a small or mid-size business, you are the proverbial low-hanging fruit.

If all of this seems overwhelming and too big a task to tackle, you’re not alone. Barely half of U.S. small businesses have a formalized plan to protect against data breaches,⁶ and it’s not just due to a false sense of security. The threat — along with much of the information designed to help combat it — tends to be so deeply technical that it can feel paralyzing for businesses with limited IT resources.

Fortunately, there are security strategies you can implement to help reduce risk. Read more about cybersecurity strategies and the ways you can protect your organization in these articles:

Recommended for you

Defining Hacking & 11 Essential Hacking Terms

Get to know the basics of hacking with our guide to 11 key hacking terms. Uncover the vocabulary and concepts that make up the world of cybersecurity.

Data Risk Assessment Checklist

Learn how to conduct a content risk assessment, identify critical data that is exposed and put a plan in place to avoid security breaches.

What does data security compliance mean for small business today?

Explore the essentials of data security and compliance for small business success.

¹https://www.csoonline.com/article/3341317/data-breaches-exposed-5-billion-records-in-2018.html
²https://enterprise.verizon.com/resources/executivebriefs/2019-dbir-executive-brief.pdf
³https://www.techrepublic.com/article/an-average-data-breach-will-cost-an-enterprise-1-23m-and-an-smb-120k-heres-why/
⁴https://www.experianplc.com/media/news/2013/experian-data-breach-resolution-advises-small-businesses-to-be-prepared-for-a-data-breach/
⁵https://fortune.com/2015/03/27/how-much-do-data-breaches-actually-cost-big-companies-shockingly-little/
⁶https://www.hiscox.com/documents/2018-Hiscox-Small-Business-Cyber-Risk-Report.pdf

Is my business really at risk of a cyber-attack?

Related content

Recommended for you

Defining Hacking & 11 Essential Hacking Terms

Data Risk Assessment Checklist

What does data security compliance mean for small business today?