The Cost of Cyber Crime on SMBs

With data breaches from Samsung and Target making news headlines, it is easy to dismiss cyber-attacks and cyber-criminals as problems of large corporations and multi-national conglomerates. But cybercrime is just like offline crime – opportunistic crooks strike any targets that seem lucrative.

In the digital age where online data and information holds just as much value as physical goods, cybercriminals will leap at the chance to attack vulnerable small and mid-sized businesses (SMBs). According to the 2019 Verizon Data Breach Investigations Report (DBIR), 43% of cyber attacks targeted small businesses. And because these breaches almost never make the news, many SMBs continue to neglect securing their online presence, and thus continue to stay easy pickings, putting themselves at risk for considerable losses.

The potential repercussions of a single cybercrime incident could put an SMB out of business. Although cybercrimes range from service interruptions to data theft and vary in severity, each and every type of cybercrime poses immediate and long-term damages to a company.

The first immediate repercussion would be downtime and the loss of company assets, such as account numbers, passwords, customer records, and proprietary information. According to a 2013 National Small Business Association survey, the mean direct cost of a cyber-attack to a small business was almost $9000 USD. This could be the result of funds maliciously taken from business bank accounts, or the lost revenue during downtime of any online services. But the direct cost average does not take into account soft losses such as damage to brand reputation – losses which can be the most troubling impacts of cybercrime.

Indirect consequences of a cybercrime can severely dull a business’s competitive edge in the long term. Losing invaluable proprietary information compromises a business’s own private data. But losing customers’ data can not only result in the loss of reputation and customer loyalty, but also litigation for not exercising due diligence in protecting private information. These black marks on an SMB’s operating history would repel current and future customers, resulting in incalculable damage.

After suffering a cyber-attack, an SMB would likely need to take steps to repair its online reputation, incurring the final costs of post-attack recovery and protection. For the sake of re-appealing to customers and ensuring no future attacks, an SMB would need to find all enabling vulnerabilities and secure them. But the damage would have already been done.

Of course, it would always be possible to secure these vulnerabilities before cybercrime occurs. Beyond the insufficient protection of anti-viruses and firewalls, there are security solutions that pre-emptively reduce the chances of cyber-attacks and data breaches. In the digitally-driven world of online business environments and BYOD workspaces, securing your network is an essential priority in defending your business from cyber-attacks.

Please visit www.currentware.com for more information on effective cyber-security solutions.

by Andy Ma

The employee offboarding process presents significant data security risks. Employees have intimate access to corporate data, insider knowledge of the organization’s systems, and a level of trust that can allow them to steal data undetected.

• 70% of intellectual property theft occurs within the 90 days before an employee’s resignation announcement
• 88% of IT workers have stated that they would take sensitive data with them if they were fired
• 72% of CEOs admit they’ve taken valuable intellectual property (IP) from a former employer
• 50% of respondents in a Symantec survey say they have taken information, and 40% say they will use it in their new jobs

These vulnerabilities need to be addressed as part of any insider threat management program. Click the button below to learn the best practices for protecting data during a termination and gain access to a downloadable IT offboarding checklist.