Half of all small businesses in the U.S. have been hit with a cyberattack – and that's not the scariest news. The cost per attack last year skyrocketed to $20,752, up from $8,699 in 2013, according to a survey by the National Small Business Association. The actual tab for a security break can quickly spiral even higher, putting the life of a small or medium-sized business on the line.
Among the unexpected burdens: Business down time:
Routine business may be disrupted when the website is offline and while experts track the source of the attack and purge viruses or software. Customer fallout:
Most states require companies to notify customers when personal data is breached. And customers are demanding recompense. According to a 2014 survey by research firm Ponemon Institute, most consumers believe that organizations should be obligated to provide identity theft protection (63 percent of respondents), credit monitoring services (58 percent) and compensation in cash, products or services (67 percent) following a breach of their personal information. A cloudy future:
Companies can be liable for damages in lawsuits brought by violated customers. Penalties for HIPAA (Healthcare Insurance Portability and Accountability Act) violations can reach $1.5 million per violation.
“Pretty much everything that owners of small or medium-sized business think they know about cybersecurity is out of date,” says Bruce Parkman, chief executive officer for MainNerve, a Colorado Springs cybersecurity company.
“Yet many CEOs are in denial about the risk and the need for their involvement.”
The risk that small or medium-sized businesses will be hacked has increased exponentially, Parkman says. “It's a question of when they will be hacked, not if they will be hacked.”
Parkman's guidelines for securing your company's safety: 1. Establish a budget for cybersecurity.
Smart companies allot three percent to five percent of their annual budgets to cybersecurity and it's worth every penny, says Parkman. “What are the crown jewels that your company could lose in a computer break-in?” he asks. “Can you afford to wake up one morning and discover that this information has been stolen and made public? Or worse – and all too common – that the crown jewels were stolen months or years ago, and you never knew?” 2. Hire a security expert to design a data security plan.
Creating a legal, effective cyber defense plan is not a DIY project for a company's IT team. There is no substitute for hiring a skilled, seasoned cybersecurity specialist. Pick a friend for life, Parkman advises. “Look for a security partner who will have your back and safeguard you at all costs. A good provider will work with you hand-in-hand to build a program from the ground up.” 3. Review and refresh your digital security measures.
Cybersecurity requires continued diligence. To counter new data thieves and malware, your company must review and adapt its data breach response plan and maintain vigilance long-term. “A security system is worthless if it's not updated,” says Parkman. 4. Don't overpay.
Companies that have been hacked are willing to pay almost any price to address their issues. Opportunists in the cybersecurity business are happy to oblige. “When people are scared and don't know which way to turn, they'll pay anything,” says Parkman. “But these huge markups are not necessary.” A pricing model based on number of IP addresses a company owns is one technique that can inflate cost, Parkman points out.
MainNerve provides small and medium-sized companies with defense-grade cybersecurity services: real-time, active defense against a hack, compliance solutions and training. For more than a decade, MainNerve served the Department of Defense, including training for U.S. Special Operations Command, and several national law enforcement agencies.
“Thanks to our defense background, we are the most capable, thorough and cost-effective service out there,” says Parkman. Ask about our risk assessment service and learn how MainNerve can put defense-grade cybersecurity measures to work for your company. Call MainNerve today, 877-889-6600, email us or request more information at our website. Sponsored Content