Useful guide: Combating cybercrime on a limited budget

When hackers breach the security of multi-national corporations it makes headline news, yet there is rarely a mention when cybercrime hits small to medium sized businesses (SMBs). Very few people are even aware that today’s cybercriminals are targeting SMBs, not just supersized global businesses.

According to a Verizon Data Breach Investigations Report, 71% of the data breaches investigated by the company’s forensic analysis unit targeted small businesses with fewer than 100 employees. Of that group, businesses with less than 10 employees were the most frequently attacked.

The loss and exposure of confidential data from a cyberattack is costly to both the people victimised and the businesses whose data was compromised.

For the victim, hackers typically retrieve personal information, bank account, credit card and social security numbers, resulting in identity fraud. The stress and time involved to reclaim their identity and get their financial house back in order is beyond measure.

For businesses, there are specific DBN (Data Breach Notification) laws and with GDPR (General Data Protection Regulation) on the horizon, managing breaches and data loss is a complex and costly process. The reputational damage caused by a breach can be disastrous for many businesses and steps need to be taken to mitigate this risk and ensure compliance with regulations.

According to research compiled by the Ponemon Institute in their 2nd Annual Cost of Cybercrime Study, the average cost per breached record is anywhere between £100 to £150. This amount factors in the costs of the investigation and notification process, fixing the issue that led to the breach, possible liability and litigation costs, lost business, and the time and effort that go into damage control. In many cases, a damaged reputation may prove to be irreparable. Nearly two-thirds of victimised companies are out of business within six months of a significant cyberattack, making cybercrime the death knell for many SMBs. This is because the consequences of cybercrime extend well beyond the actual incident and have long-lasting implications.

Small businesses obviously don’t have the same financial footing to rebound and carry on with business as usual in the way organisations like Amazon, Apple, Citibank or Target can. The purpose of this guide is to explain the risks and offer some practical advice on the steps you can take to be better protected.

The trend of cybercriminals preying on smaller businesses doesn’t seem to be waning.

Back to case studies