Change Country

Digital Advisory Services

Cyberattacks: Your Small Business’s Worst Nightmare

Posted on December 27, 2021 by

Elly Mioduszewski

Elly Mioduszewski

Share This

Estimates say that cyber breaches can go undetected for about 200 days on average. A lot of damage can be done in the time that companies don’t even realize they have been compromised. Phishing is the most commonly reported type of attack, followed by viruses or Trojan horses.

Should my business invest in cybersecurity?

The answer is a resounding yes and here are just three of the many reasons why.

1. Small Business: A Cybercriminal’s New Favorite Target?

When large corporations are targeted, we hear about it in the news. While we may not read it in the headlines, small businesses are common targets. In fact, more than two-thirds of businesses employing fewer than 1,000 employees have been targeted, with 58% having experienced a breach. Given the worst circumstances, 60% of small businesses could close their doors as a direct or indirect result of cyberattack damages.

According to first quarter 2021 Middle Market Business Index data, 28% of middle market executives reported a data breach in the last year. Whether it’s the lack of resources, limited staff, access to other companies’ information within a larger supply chain, or the greater effect any one attack would have to their business, smaller companies represent a unique target for criminals. If you combine that with the growing myth that cyberattacks only target large companies, every small business in the U.S. is at great risk.

2. Human Error and Its Role in a Breach

Your staff is often your top resource and a major reason for your success. That’s not the case when it comes to cyberattacks. Studies estimate that human error is responsible for anywhere from 88% to 95% of all cybercrimes. The attack technique phishing is a part of more than one-third of all cyberattacks. If left untrained, your employees may represent the most likely access point for a breach.

Adding to this is the impact of COVID-19 and a workforce being forced out of facilities. Remote work creates new access points and makes it more difficult for in-house IT to effectively monitor devices and protect sensitive information.

Your business can reduce the inherent risks of human error by investing in a cybersecurity training program that may include mock phishing attempts, employee required annual learning, in addition to many others. Cyber training programs vary widely and can be designed for your business.

3. The Costs of a Cyberattack are More than You Think

Less than one-third of all businesses rate their ability to properly identify or prevent a cyberattack as highly effective. The direct and indirect costs associated with these attacks can be staggering. Cybersecurity insurance is a good first step on your cyber program journey. Beyond the immediate hit on company production, the costs you could incur include:

  • System downtime
  • Reduced efficiency and supply chain slowdowns
  • Reputational damages and related trust issues
  • Financial burdens of making one-time or multiple ransom payments

Contact Us

You don’t have to combat cyberattacks alone. Contact us today if you need support with your cybersecurity strategy. We can connect you with the professionals and resources who can help.

Share This

Elly Mioduszewski


Elly is an integral member of the firm's digital advisory group, helping owners leverage data analytics and improve their business processes.

Related Insights

Digital Advisory Services

Taking Stock of Your IT Management

Posted on August 24, 2022 by

Elly Mioduszewski
Do you have a grasp on your company’s IT environment? Focusing on ways to improve your security and monitoring, access and change management, and system development lifecycle can help minimize risk and maximize opportunities for growth.

Digital Advisory Services

What’s Measured is Managed: KPIs for Growth

Posted on July 7, 2022 by

Elly Mioduszewski
Basing business decisions on data is undeniably essential for long-term success and growth. There is more data available than ever before and a growing offering of automation tools to match data processing demands. Here are four vital Key Performance Indicator (KPI) categories that industrial automation businesses should track to promote successful outcomes.

Digital Advisory Services

Using Standardization for Anything-But-Standard Results

Posted on June 29, 2022 by

Elly Mioduszewski
Implementing standardized work processes can provide you and your team with more time to look at results so you can determine where to go next—rather than spending unnecessary time capturing and correcting routine activity. 

The Sound of Automation Podcast

Industrial automation businesses are the driving force behind Industry 4.0, and Clayton & McKervey is here to help.

Skip to content