Is your business secure? While the question seems simple enough, it’s entirely likely that independent business owners are greatly underestimating just how vulnerable their data actually is. And though cybersecurity is a topic that we’ve covered ad nauseum on the Nationwide Marketing Group blog and our Independent Thinking Podcast, at the same time it feels like we really haven’t done enough to spread the word about how important it is to protect your business from cybercriminals.
To set the stage, consider these five astounding cybercrime facts:
-
- Small business account for 43 percent of all cyberattacks each year.
- On average, small- and medium-sized businesses lose $25,000 due to cyberattacks – and that’s not counting the time your business might be down and unable to process orders.
- Speaking of down time, the average length of time a business gets shut down because of a cyberattack is 21 days.
- In 2023, the average cost of a data breach in the U.S. is expected to reach $9.48 million.
- Cybercrime is expected to become a $10.5 trillion market by 2025.
Today, cybersecurity is about far more than protecting your business from a virus or malware that locks down your computers and your data. While those remain an important area of concern in the world of cybersecurity, much like technology has advanced over the past several decades, so too has the complexity of hackers’ efforts to obtain access to your data.
According to the World Economic Forum, 95 percent of cyberattacks on small- and medium-sized business can be attributed to human error. That means employees at a company fell victim to some form of phishing attempt (think, emails from a Saudi Prince seeking to store $300 billion in your private account, only far more authentic sounding) or failing to keep their devices secure. In fact, of the known cyberattacks in the U.S. last year, the primary causes for a company being hacked included phishing (25 percent), unpatched vulnerabilities (11 percent), social engineering (5 percent), and other human-error related reasons like device theft, sending emails to the wrong person, etc. (14 percent).
So, to pose that question again: Is your business secure? Because the second you start to let your guard down and think that your business is not at risk is when you open yourself up to a potential cybersecurity catastrophe. The last thing you should be telling yourself is, “This will never happen to me or my business.” We’ve seen it far too many times not just in the independent business world but within the NMG Membership.
According to a recent NMG survey, though, that’s exactly how a large portion of independent retail business owners feel. When asked how concerned they were about a potential virus or cyberattack, over 53 percent of respondents said they were only a little concerned or not concerned at all. Only 9 percent were concerned “a lot” and 3 percent were concerned “a great deal.” The remaining 35 percent were on the fence.
We’re not saying that cybersecurity needs to be something that keeps you up at night or has you constantly looking over your shoulder. But it’s not something you want to take lightly or become lackadaisical about.
All it takes is some regular and recurring education and training around proper cybersecurity etiquette. Of course, it would behoove the independent business owner to implement certain control measures like multifactor authentication on all connected devices, regular vulnerability scans, strong antimalware programs, and more. You can, as well, test employees’ awareness and ability to identify phishing attempts by launching your own controlled attempt to phish for information. And then have a plan in place for what you’ll do if your business or data becomes compromised.
Being prepared and aware is key to keeping your business secure in today’s world. But at the very least, you need to shake the mindset that this is something that can’t or won’t happen to you. It’s better to be intentional about protecting your business and your data rather than being forced to react.
Interested in learning more about cybersecurity measures you can put in place? Want to take advantage of a free dark web scan of your business? Reach out to Eric Sindelar, director of connected services at Nationwide, at eric.sindelar@nationwidegroup.org.