You have all heard about cyber-attacks and think they can’t happen to you. Then, you think that if this does happen, you’ll recover and be fine very quickly. The truth is different however….
The lifeblood of your business is your data. Data means your customer lists, inventory lists, customers’ orders, receivables, any corporate notes or even your emails.
What would happen to your business if you lost all this information?
A data breach can cause you to lose all the data you have collected over the years and can cause enormous business interruptions. There are other costs, however. If you take credit cards, you may have private customer information in that stolen data. You may need to inform all the customers who used credit cards at your company and provide them with monitoring since they are now at risk.
If you are a doctor or other health practitioner, you are responsible for an enormous amount of personal information. You know about HIPAA, but you may not know what to do if there is an attack on your office.
Look at the WaWa breach that was announced just recently. Many people used credit cards at their stations to buy gas or other items in their stores. Now, they have announced that they will offer monitoring so that customers who experience identity theft resulting from this breach will have some protection. The sad truth for consumers is that a breach like this – or the Target attack, the Equifax attack, or the Office of Personnel attack – can affect people years down the road. Their information may be for sale on the Dark Web for many years. This can happen to them long after the original attack and long after the “free” monitoring has ended.
Now, these breaches I mentioned are, of course, only a sample of the famous breaches that have been in the news. You may say to yourself, “This can’t happen to me. I’m only a small business.” Well, you’re wrong. There are many varieties of cyber thieves. More and more, they target smaller businesses. Some are just trying their hacker wings. Some just want to see what they can get away with. Some target smaller businesses because they know they’ll easier than larger companies. Most of the time, smaller businesses don’t have the same security as larger companies. They don’t have dedicated IT staffs, so they take chances. That gamble can end up costing them their businesses.
For one thing, your customers may not trust you anymore. They may feel that you were irresponsible with their personal information. According to Radware’s 2018 Consumer Sentiments: Personal Data and the Impact on Customer Loyalty, 68% of customers are reluctant to do business with a company that has experienced a data breach until they feel confident that the company has corrected the problem that caused the breach. Imagine the effect on your business if 68% of your customers refused to do business with you!
The other problem can be state and federal regulations. If there is a breach and you don’t have written policies and procedures in place, they can hit you with heavy fines. If you have taken the precaution of developing a plan for disasters, they are usually more lenient.
The costs can be broken down into three categories:
- Direct Costs – extra labor costs to hire IT people to come in and repair and/or audit your computer systems, patch your software. You and your employees may have to spend time to recreate your data, notify your customers, and provide monitoring services for your customers.
- Indirect Costs – You may have to pay regulatory fines, compensate your customers, pay legal expenses. There may also be extra insurance costs and you may suffer a decline in your stock price.
- Preventive Costs – Once you have experienced a data breach, you will become more proactive about prevention. You will have to pay for better, more hardened systems, for cloud protection, and for disaster recovery plans and for testing those plans.
Cyber threats are real, and this risk should be factored into any business plan. There are ways to protect your business and we will be happy to teach you everything we know about protecting your business and yourselves.