Why Every Business Needs to Take Cyber Security Seriously

Every day, nerds, smelling of stale Cheetos, ruin the reputation of countless small businesses worldwide. By using their skills for evil, they steal data, top-secret prototypes, and financial information.

Every year, their exploits cost the world economy 600 billion USD – or, about 1% of global GDP. In America, that number ranges from 59 to 109 billion USD. With figures that big, it can be hard to understand how it all translates to Main Street.

But, thanks to a recent report, we no longer have to wonder. According to its findings, 20% of all small businesses experience a tech breach annually. These attacks cost affected firms around $200,000, resulting in the closure of 60% of them just six months later.

Still not convinced your firm is in danger? Below, we’ll show you why it’s important to be serious about cyber security.

Security Breaches Can Severely Damage a Business’s Reputation

Acceptance of online shopping is at an all-time high. And yet, like a sandcastle meeting a wave, that trust can crumble in an instant. If a firm has customer financial data stolen, the consequences can dog them for years.

The 2013 Target cyber attack is a prime example. That year, cyber criminals made off with 40 million sets of payment details. After this news hit the press, Target’s stock tanked by almost half. Shortly after, the board terminated their CEO. A year later, sales sank by 4%. And, in 2017, Target settled a class-action lawsuit for 18.5 million USD.

However, Target is a massive corporation. As badly as that episode damaged their brand, they were able to weather the storm. As you saw in the intro, many smaller companies aren’t as lucky. If you get hit with a cyberattack, many customers will shift their business to competitors – and they won’t come back.

And, if your incident makes the press, things will get even worse. Every time someone searches your firm’s name, articles detailing the incident will likely pop up. By shoring up your cybersecurity, you can avoid an existential crisis like this.

A Cyber Attack Can Leave Affected Companies Insolvent

Hacker intrusions won’t just affect your customer’s financial information – it’ll hit you in the pocketbook as well. As we illustrated in the last section, the violation of trust created by data loss can result in the loss of future business.

However, some cyber attacks can directly impact your finances. Rather than steal data silently, some cybercriminals take complete control over a server, encrypting its files. To regain access, the victim has to pay a significant ransom, usually in cryptocurrency.

Appropriately, this maneuver is known as a ransomware attack. To satisfy the demands of these robbers, victims hand over a whopping 1.4 million USD on average. Ironically, by refusing to pay ransoms, you can cut losses in half, with rebuilding costs averaging around 730,000 USD.

However, for most small business owners, neither scenario is desirable. The average business has 27 days of cash set aside. For many enterprises, 730,000 USD is more cash than they have available. That’s why 60% of cyber attack victims go out of business within six months.

Even Novice Hackers Can Crack the Average Password

How on Earth do one in five businesses (~20%) get hacked every year? Let’s start with the basics – passwords. Splashdata analyzed a cache of cracked passwords used by cybercriminals. In the data set, 3% of all user accounts used “123456” as their passcode.

According to the same analysis, 10% of all users worldwide use some of the 25 worst passwords of 2019. At first glance, that might not sound bad, but remember – it just takes one compromised account to bring down an entire server.

Phishing and Social Engineering Attacks Easily Fool Employees

So, you brought in a new system that forces employees to use tough passwords. That’s great – by doing this (along with instituting password managers), you’ll greatly reduce your exposure to online threats.

However, the bad guys are always trying to stay one step ahead. In recent years, two new threats have emerged – phishing and social engineering.

In the first case, a hacker will send an e-mail that appears to be from an authority, like a bank. In them, they’ll request sensitive information, like user/password combos, and info intended to defeat 2FA. In some instances, they’ll actually phone your business. Posing as a CSA from a vendor or a financial institution, they’ll extract info from employees too smart to be phished.

If hackers succeed with either approach, the outcome is the same. Cybercriminals will mine your server from valuable data, or they’ll lock it down in hope of collecting a ransom.

Stay Safe on the Web

The information age has brought us an unprecedented opportunity. However, it has also introduced unforeseen threats. By prioritizing cybersecurity in your IT operations, you’ll significantly decrease the risks associated with being online.