Being small doesn’t mean you’re invisible. To hackers, small companies are the most desirable targets of all.
The National Cyber Security Alliance found 71 percent of security breaches are aimed at small companies, and 95 percent of breaches that steal credit card data occur at small businesses.
The scariest statistic: 60 percent of small businesses that experience a breach are out of business six months later.
Easy, Valuable Targets – Small Businesses
One reason small businesses make attractive targets is that they aren’t well protected. McAfee reports that 43 percent of small businesses don’t have any internet security measures at all.
Only 18 percent use business-level antivirus software and only 17 percent attempt to secure company data on BYOD devices. Even though most data breaches occur through human error, employees at small businesses receive limited security training.
Despite their small size, the information available to hackers from small companies is valuable. Hackers may try to access employee information, banking information or customer information. Sometimes a small company is targeted to gather information that will help the hackers penetrate a bigger company it does business with.
The Cost of a Network Security Breach
Experiencing a network breach is expensive. The Ponemon study found costs vary by industry, with an average cost per stolen data record anywhere from $68 to $363. If your stolen data includes payment information, your company has to pay for a forensics audit, replacement cards and fines.
The average cost can total $36,000.
Besides the costs you’ll pay, which are easily measured, your business will bear other, less easily measured costs. You may not be able to conduct business for a while as your payment systems are investigated and improved. Your company’s reputation will be damaged, and you may lose customers who no longer trust you to secure their information.
Protect Your Business with Proactive Security Measures
Because the costs of a breach are so serious, every small business should take proactive measures to protect itself. Devoting time to IT strategic planning before an incident occurs is more effective and less costly than scrambling to recover from a breach.
- Start by surveying your systems to identify any valuable data and how it’s currently protected.
- Make sure you identify all potential entry points to your network; because of the Internet of Things, data security isn’t just about servers and storage devices, but also about devices like smart thermostats.
- Raise your employees’ information awareness through training and check how the vendors you share data with, including cloud and managed IT services providers, secure it when it’s in their network.
- Lastly, consider cyber security insurance to help your business manage the financial impact if a breach occurs.