Can a cyberattack put your small business out of business? Possibly. Will it cost your company dearly? Most definitely.
Many small business leaders think that a cyberattack will never happen to them because their businesses are too small to be noticed by cybercriminals. However, this is a dangerous misconception that can get a business into trouble. The number of cyberattacks targeting businesses with fewer than 250 employees has been steadily increasing over the last five years. In 2015, 43 percent of all reported cyberattacks were against small businesses, according to Symantec’s “2016 Internet Security Threat Report”.
The effects of a cyberattack can be devastating to a small business’s bottom line and maybe even to its very existence.
The High Costs of Cyberattacks
In a 2015 study of more than 5,500 companies in 26 countries around the world, Kaspersky Lab and B2B International found that a single cyberattack costs small and midsized businesses an average of $54,653. This figure includes:
- The costs associated with downtime (an average of $23,000)
- The money spent on bringing in external help (e.g., IT security consultants, lawyers) to deal with the aftermath of the cyberattack ($10,000 on average)
- The money spent on public relations efforts to manage communications with customers and the public as well as the money spent on marketing activities designed to reduce the cyberattack’s impact on the business’s reputation ($8,653 on average)
- The expenses incurred from upgrading the IT infrastructure, hiring more staff, and other measures taken to prevent future cyberattacks (an average of $8,000)
- The costs associated with lost business opportunities (an average of $5,000)
The $54,653 figure does not include hidden costs and effects that are hard to monetarily quantify. According to the Deloitte Advisory’s 2016 report “Beneath the surface of a cyberattack: A deeper look at business impacts”, they include:
- Higher insurance premiums
- Higher interest rate for borrowed capital if the business’s credit rating falls
- Devaluation of the business’s name or logo
- Loss of competitive advantage if intellectual property was stolen during the cyberattack
While you might not incur all of these hidden and non-hidden costs if your business is attacked, those that you do encounter will deal your company a significant financial blow.
Paying the Ultimate Price
The high costs of a cyberattack might result in a small business paying the ultimate price: going out of business. According to the U.S. National Cyber Security Alliance, 60 percent of small companies experiencing a cyberattack go out of business within six months. This alarming statistic is from 2011, though, and no recent studies have been conducted to confirm it. Nevertheless, the threat is still real. Just ask the former employees of Code Spaces.
Code Spaces was a small company that offered source code management tools. In 2014, a hacker took over part of its IT infrastructure in an attempt to extort money from the company. When Code Spaces refused to give into the demands, the hacker deleted most of the company’s data and its backups. Code Spaces went out of business as a result.
Prepare Now So You Do Not Have to Pay Later
No matter whether your business is large or small, you need to do everything that you can to protect it against cyberattacks. You probably already take some measures, such as using firewalls and anti-malware software. However, your IT service provider can conduct a security analysis and recommend additional ways to secure your business.