Small Business Security Breaches Add up to Big Losses

By Pedro Hernandez | Posted November 10, 2015

Another week, another security breach.

In what's starting to feel like a regularly scheduled event, a major retailer or service provider makes the news because of a major data breach. Rarely, if ever, do security breaches affecting small businesses grab headlines. But they happen, and when they do they can seriously damage a company's finances.

A recent report (PDF) from the security specialists at Kaspersky reveals that on average, recovering from a security breach costs small businesses $38,000. Although it's a drop in the bucket compared to the $551,000 sting suffered by large enterprises, not all small businesses can take with that kind of a hit without it affecting their growth, or outright slamming the brakes, on their business.

small business data security

Small Business Data Security Denial

A data breach is preventable, stressed Andrey Pozhogin, senior product marketing manager at Kaspersky Lab North America. But as usual, human nature throws a wrench into the works. Most small business owners understand that risks to their networks, PCs, and servers exist; they just don't think it can't happen to them, Pozhogin told Small Business Computing.

"Although [small business] awareness around security is up, it's not affecting their security strategies," said Pozhogin. Despite the attention-grabbing headlines and the occasional replacement credit/debit card in the mail—courtesy of the latest large-scale data breach—those concerns fade the moment a small business owner gets to work.

Entrepreneurs aren't willfully throwing caution to the wind. They just don't know any better. "You're not a security officer, you have a business to run," Pozhogin said. But if there's one thing business owners understand, it's money. By highlighting the costs of inadequate data security, Pozhogin and his group hope to prod SMBs into action.

The Cost of a Small Business Data Breach

Kaspersky Lab and B2B International, a market research firm, surveyed 5,500 companies across the globe. Eight-eight percent of SMBs (1,500 seats or fewer) had incurred the expense of professional services to bounce back from a breach, typically $11,000.

If word that a small business suffered a security breach spreads, it can say good-bye to $16,000 in lost business. In particularly nasty cases where IT systems have crashed or need to be taken offline for a thorough cleansing, SMBs can lose $66,000 due to downtime.

And don't put away the company checkbook once the dust settles.

To prevent an incident from happening again, SMBs can expect to fork over $8,000 on average in indirect spending. Fifty-four percent of SMBs reported spending $7,000 on new IT systems to guard against security breaches. Another 47 percent said they spent $5,000 in training while 41 percent parted with, on average, $5,500 for knowledgeable staff.

Small Business Data Held Hostage

Like large businesses, SMBs can suffer from a range of threats, including targeted espionage, as sinister as it sounds, to good old-fashioned attempts to gain unauthorized access to their networks. Particularly, Kaspersky warned that SMBs should be on the lookout for distributed denial of service (DDoS) attacks that seek to overwhelm a smaller organization's comparatively weaker network defenses.

However, said Pozhogin, there's another threat that's been making life miserable for many businesses: ransomware.

This type of malware encrypts your data files are and holds them hostage until you pay up. Short of keeping regular backups, there's little you can do but meet the cyber-robbers' demands and hope they keep their end of the bargain.

And good luck trying to retrieve the encryption on your own. "There are thousands of different variations of [ransomware]," said Pozhogin, in addition to the widespread use of strong encryption. "It's an example of a great technology used as a weapon against lawful users."

Pedro Hernandez is a contributing editor at Small Business Computing. Follow him on Twitter @ecoINSITE.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!

Comment and Contribute


     

    Get free tips, news and advice on how to make technology work harder for your business.

    Submit
    Learn more
     
    You have successfuly registered to
    Enterprise Apps Daily Newsletter
    Thanks for your registration, follow us on our social networks to keep up-to-date