Recently, I came across an article in the Wall Street Journal about hackers stealing money and other information from small businesses and the lawsuits that typically follow from such an ordeal. I am not sure which is worse: the theft of “stuff” (i.e. money, data, information, etc.) or the expense of litigation. Either way, these are costs that can be avoided with a little bit of preventative effort.
I have heard small business owners say, “we don’t have the time to keep up” or “we don’t have the dedicated IT resources” or my new personal favorite, “we are a small business – we are too small to be targeted by hackers.”
Think again - here are some “not-so-small” statistics:
- The average U.S. data breach cost companies $194 per compromised record
- In 2011, there were 855 data breaches worldwide, with 72% of them affecting companies with less than 100 employees
- In 2011, a survey of executives at 500 US companies indicated they experienced a “cybersecurity incident” within 12 months that resulted in the loss of money, data, intellectual property (IP), which impacted their ability to conduct regular business activities
Here’s a key point to remember: most hackers want to get the biggest bang for their buck in the shortest amount of time. They want to steal the most data with the least effort so they can reduce the risk of getting caught. Therefore, they will target the database, so you better make sure it is protected. Physical security (e.g. card access to the building), firewalls, and secure communications are the front-line defenses, but don’t forget to protect the database itself.
You might be saying to yourself, “we don’t store sensitive data like credit cards, social security numbers, or medical records in our database so we are all set.” That may be true, but what would be the impact to your business if “non-sensitive” information were stolen and put in the hands of your competitors, such as the names of your exclusive vendors/suppliers and your negotiated prices, rates, and terms?
Hackers can bring down even the smallest business that is not properly protected – and that’s an expense no small business should ever have to pay.
Thanks and as always, please feel free to drop me a line and let me know what you think.