Webmaster

What’s at Stake If Your Company’s Web Security Is Compromised?

When we hear about web security breaches, it’s often in the context of recognizable names. Cue Target, Yahoo!, Weebly, Anthem, Ashley Madison, Home Depot . . . But there are digital disasters on a less publicized basis that also entangle mid-sized companies and small businesses. According to the Ponemon Institute, half of all small business…

When we hear about web security breaches, it’s often in the context of recognizable names. Cue Target, Yahoo!, Weebly, Anthem, Ashley Madison, Home Depot . . . But there are digital disasters on a less publicized basis that also entangle mid-sized companies and small businesses.

According to the Ponemon Institute, half of all small business have been breached in one way or another within the past year. The reasons that hackers and data thieves target such outfits are simple – fundamentally, smaller providers and operators are easier targets.

But what, precisely, are the costs, losses, damages and pitfalls associated with online hacks, phishing scams, informational breaches and data theft? The following metrics illustrate why entrepreneurs must take note, even though 82 percent of them think “they don’t have anything worth stealing.”

A Preemptive Strike: Insurance Against Hacking

In step with growing concerns about enterprise-level security vulnerabilities, big business continues to build up its stores in the event of cyber breaches. A few figures demonstrate just how much companies continue to show they care about becoming the next digital security victim, based on their investment in cyber hacking insurance coverage to mitigate the damage should it occur.

  • $2.5 billion in premiums (2014)
  • $2 billion in premiums (2013)
  • <$1 billion in premiums (2011)

Source: Llloyd’s – http://fortune.com/2015/01/23/cyber-attack-insurance-lloyds/

Top Industries for Cyber Attacks

RAND researchers found that the average financial tally stemming from a security breach was $200,000 – an amount practically on par with the typical mid-sized business’s total security budget. In a study evaluating 12,000 cyber incidents, researchers discovered that the sectors most affected by hacking are:

  • Finance and Insurance
  • Healthcare
  • Government

Source: “Examining the Costs and Causes of Cyber Incidents,” Rand Corporation, October 2016, https://www.rand.org/pubs/external_publications/EP66656.html

The Type of Data Hackers Prize

Businesses have loads of information that is valuable on the digital black market. According to Towergate Insurance, some of the most prized confidential data includes:

  • Client lists
  • Customer databases
  • Financial details
  • Pricing information
  • Product designs
  • Manufacturing processes
  • Internal correspondence

Source: “SMEs and Cyber Attacks: What You Need to Know,” Towergate Insurance, https://www.towergateinsurance.co.uk/liability-insurance/smes-and-cyber-attacks

Average Costs of Data Breaches

The outlay resulting from a technological jailbreak isn’t always created equal. The expenses and losses trend higher for American businesses when contrasted with the average costs elsewhere. Thus, when a company loses money in the event of a data breach, the costs are higher domestically versus globally – and those costs continue to mount each year.

  • 2013: U.S. – $5.4 million; Global – $3.02 million
  • 2014: U.S. – $5.85 million; Global – $3.53 million
  • 2015: U.S. – $6.53 million; Global – $3.79 million

Source: The Ponemon Institute, IBM, http://www.businessinsider.com/cyber-attacks-are-costing-companies-millions-of-dollars-heres-how-they-can-mitigate-those-costs-2016-2

Why Small Businesses Are More Vulnerable Cyber Threat Targets

According to Symantec’s 2016 Security Threat Report, smaller companies are ripe for reckoning by phishing scammers. In fact, in 2015, small businesses were the targets of cyber attacks 43 percent of the time – up from 18 percent in 2011. Plus, Nationwide Insurance determined that 80 percent of small businesses lack a cyber attack plan. Reasons SMBs are sought out by black hat tech criminals include:

  • Lower levels of encryption technology
  • Fewer staff trained to detect scams like phishing emails
  • More likely to have guessable passwords
  • Less apt to have current antivirus and malware software
  • Operating with no IT personnel
  • Underestimating overall risks
  • Serving as possible gateway to “bigger fish,” such as banking institutions or larger companies (service providers / vendors)

Leave a Reply

Your email address will not be published. Required fields are marked *