Change Country

Digital Advisory Services

Cyberattacks: Your Small Business’s Worst Nightmare

Posted on December 27, 2021 by

Elly Mioduszewski

Elly Mioduszewski

Share This

Estimates say that cyber breaches can go undetected for about 200 days on average. A lot of damage can be done in the time that companies don’t even realize they have been compromised. Phishing is the most commonly reported type of attack, followed by viruses or Trojan horses.

Should my business invest in cybersecurity?

The answer is a resounding yes and here are just three of the many reasons why.

1. Small Business: A Cybercriminal’s New Favorite Target?

When large corporations are targeted, we hear about it in the news. While we may not read it in the headlines, small businesses are common targets. In fact, more than two-thirds of businesses employing fewer than 1,000 employees have been targeted, with 58% having experienced a breach. Given the worst circumstances, 60% of small businesses could close their doors as a direct or indirect result of cyberattack damages.

According to first quarter 2021 Middle Market Business Index data, 28% of middle market executives reported a data breach in the last year. Whether it’s the lack of resources, limited staff, access to other companies’ information within a larger supply chain, or the greater effect any one attack would have to their business, smaller companies represent a unique target for criminals. If you combine that with the growing myth that cyberattacks only target large companies, every small business in the U.S. is at great risk.

2. Human Error and Its Role in a Breach

Your staff is often your top resource and a major reason for your success. That’s not the case when it comes to cyberattacks. Studies estimate that human error is responsible for anywhere from 88% to 95% of all cybercrimes. The attack technique phishing is a part of more than one-third of all cyberattacks. If left untrained, your employees may represent the most likely access point for a breach.

Adding to this is the impact of COVID-19 and a workforce being forced out of facilities. Remote work creates new access points and makes it more difficult for in-house IT to effectively monitor devices and protect sensitive information.

Your business can reduce the inherent risks of human error by investing in a cybersecurity training program that may include mock phishing attempts, employee required annual learning, in addition to many others. Cyber training programs vary widely and can be designed for your business.

3. The Costs of a Cyberattack are More than You Think

Less than one-third of all businesses rate their ability to properly identify or prevent a cyberattack as highly effective. The direct and indirect costs associated with these attacks can be staggering. Cybersecurity insurance is a good first step on your cyber program journey. Beyond the immediate hit on company production, the costs you could incur include:

  • System downtime
  • Reduced efficiency and supply chain slowdowns
  • Reputational damages and related trust issues
  • Financial burdens of making one-time or multiple ransom payments

Contact Us

You don’t have to combat cyberattacks alone. Contact us today if you need support with your cybersecurity strategy. We can connect you with the professionals and resources who can help.

Share This

Elly Mioduszewski

Manager, Consulting

Elly is an integral member of the firm's digital advisory group, helping owners leverage data analytics and improve their business processes.

Related Insights

5 Questions to Ask Before Any Big Technology Investment

In today’s always on, work-from-anywhere business environment, it is crucial to choose productivity tools that boost your competitive edge. Besides cost savings, the right technology stack can deliver gains in customer experience, employee engagement and your ability to innovate. Here are five questions to help you evaluate productivity tools with confidence.

by Ben Smith

Technical Debt: The True Cost of Delays

We recently spoke with Brent Yax, founder of the IT support firm Awecomm, about how to get your arms around technical debt before it starts taking on a life of its own. 

by Ben Smith

Taking Stock of Your IT Management

Do you have a grasp on your company’s IT environment? Focusing on ways to improve your security and monitoring, access and change management, and system development lifecycle can help minimize risk and maximize opportunities for growth.

by Elly Mioduszewski

The Sound of Automation Podcast

Industrial automation businesses are the driving force behind Industry 4.0, and Clayton & McKervey is here to help.

Skip to content