Estimates say that cyber breaches can go undetected for about 200 days on average. A lot of damage can be done in the time that companies don’t even realize they have been compromised. Phishing is the most commonly reported type of attack, followed by viruses or Trojan horses.
Should my business invest in cybersecurity?
The answer is a resounding yes and here are just three of the many reasons why.
1. Small Business: A Cybercriminal’s New Favorite Target?
When large corporations are targeted, we hear about it in the news. While we may not read it in the headlines, small businesses are common targets. In fact, more than two-thirds of businesses employing fewer than 1,000 employees have been targeted, with 58% having experienced a breach. Given the worst circumstances, 60% of small businesses could close their doors as a direct or indirect result of cyberattack damages.
According to first quarter 2021 Middle Market Business Index data, 28% of middle market executives reported a data breach in the last year. Whether it’s the lack of resources, limited staff, access to other companies’ information within a larger supply chain, or the greater effect any one attack would have to their business, smaller companies represent a unique target for criminals. If you combine that with the growing myth that cyberattacks only target large companies, every small business in the U.S. is at great risk.
2. Human Error and Its Role in a Breach
Your staff is often your top resource and a major reason for your success. That’s not the case when it comes to cyberattacks. Studies estimate that human error is responsible for anywhere from 88% to 95% of all cybercrimes. The attack technique phishing is a part of more than one-third of all cyberattacks. If left untrained, your employees may represent the most likely access point for a breach.
Adding to this is the impact of COVID-19 and a workforce being forced out of facilities. Remote work creates new access points and makes it more difficult for in-house IT to effectively monitor devices and protect sensitive information.
Your business can reduce the inherent risks of human error by investing in a cybersecurity training program that may include mock phishing attempts, employee required annual learning, in addition to many others. Cyber training programs vary widely and can be designed for your business.
3. The Costs of a Cyberattack are More than You Think
Less than one-third of all businesses rate their ability to properly identify or prevent a cyberattack as highly effective. The direct and indirect costs associated with these attacks can be staggering. Cybersecurity insurance is a good first step on your cyber program journey. Beyond the immediate hit on company production, the costs you could incur include:
- System downtime
- Reduced efficiency and supply chain slowdowns
- Reputational damages and related trust issues
- Financial burdens of making one-time or multiple ransom payments
You don’t have to combat cyberattacks alone. Contact us today if you need support with your cybersecurity strategy. We can connect you with the professionals and resources who can help.