Is my business really at risk of a cyber-attack?

High-profile data breaches have become an uncomfortably common part of life in recent years.

Our news is now regularly punctuated by stories about massive retailers, insurance providers, banks and technology companies being hacked. In 2018 alone, there were over 6,500 breach incidents reported that compromised over 5 billion sensitive records — a 500% increase from just 5 years ago. ¹

For obvious reasons, incidents featuring an iconic Fortune 500 company and the loss of millions of sensitive customer records generate a lot of press.

While the attention heaped on these mega-breaches does raise overall awareness about the importance of data security, it also reinforces the long-standing fallacy that the threat is primarily isolated to large enterprises.

 In reality, nearly half the breach victims are small businesses. ² The average direct cost for a single security breach is estimated to be nearly $120,000 for businesses with less than 500 employees.³ This figure doesn’t even account for indirect costs of breach recovery.

That’s not a surprise line item most businesses are equipped to comfortably swallow. In fact, research suggests nearly 60 percent of small businesses that experience a data breach fold within six months. ⁴ So even though the big guys get all of the attention, the impact on their bottom line tends to be comparatively small.⁵

Hackers generally target large enterprises because they want their records.

• Company records they can sell.

• Payment records they can use to buy things

• Customer records they can use to steal identities and buy more things.

Smaller businesses have these same valuable records, just in smaller concentrations. What they don’t have is a multi-million-dollar security budget and staff of hundreds dedicated to protecting them. As a small or mid-size business, you are the proverbial low-hanging fruit.

If all of this seems overwhelming and too big a task to tackle, you’re not alone. Barely half of U.S. small businesses have a formalized plan to protect against data breaches, ⁶ and it’s not just due to a false sense of security. The threat — along with much of the information designed to help combat it — tends to be so deeply technical that it can feel paralyzing for businesses with limited IT resources.

Fortunately, there are security strategies you can implement to help reduce risk. Read more about cybersecurity strategies and the ways you can protect your organization in these articles: