In the first six months of 2019 alone, data breaches exposed more than 4.1 billion records. An average of 28% of small businesses suffer data breaches each year, and as many as 10% of those businesses are forced to close their doors in the aftermath of the breach.
The cost of a data breach can have a substantial impact on companies of any size, and understanding the potential cost of that breach is critical for companies as they consider what cybersecurity measures they need to take to protect their businesses against ransomware and other cyberattacks.
Financial cost of cybersecurity breaches
When a cybersecurity breach occurs, the financial costs are the first concern of many businesses—and the costs of many of those types of attacks, including ransomware, have skyrocketed in recent years. According to cybersecurity firm OSIbeyond, ransomware attacks alone cost small organizations an average of $84,000. Larger organizations, or those hit harder in an attack, may face even higher costs. In many cases you may experience both immediate financial costs and ongoing financial costs as you work to restore your data and reestablish trust with your customers.
Among the people who track cybercrime, thousands of specific incidents are under discussion at any given time (Cybersecurity Ventures estimates that, globally, a ransomware attack occurs every 11 seconds). These discussions rarely reach the news or the information dashboards of small and medium-sized business owners. Occasionally, however, a breach is significant enough to make headlines, as the Colonial Pipeline ransomware attack did in May 2021. If you lived in the Southeastern United States, were you ready? The pipeline shutdown set off panic buying, and, depending on your locale, the resulting fuel shortage likely had a real impact on your business and your personal life.
If you were a trade contractor and a key supplier came under attack, what would you do? It is almost impossible to be fully prepared for a cyberattack, because it can target your business directly or arrive through a supplier, a customer, or even your bank. We live in a connected economy linked via the internet, and the attackers are professionals who go after businesses small and large.
The dangers of a ransomware attack
There are three basic entry points through which ransomware can interrupt your business operations: your technology connection with your customers, your own email system, and your technology connection with your vendors. First, if you run customer-facing web servers for e-commerce or a VPN gateway for remote access, those internet-exposed services are a direct entry point. Second, ransomware commonly arrives by phishing email carrying Word or Excel attachments with malicious macros, or through brute-force password guessing against an exposed Remote Desktop Protocol (RDP) service. Third, firms in your supply chain that have neglected their own security may suddenly be unable to supply you, or to reconcile accounts with you, because of a ransomware attack on their systems.
Frequently, a ransomware attack goes beyond encrypting your data in place. Increasingly, the attackers first copy the data to servers they control and threaten to publish it, or to sell it to other criminal groups, unless a second ransom is paid. Stolen records are also combined with data from other sources, legal and illegal, and resold to criminal buyers. Imagine your payment and banking details sitting on a compromised vendor's server and then being sold on to further criminal parties, or all of your customers' sensitive data posted somewhere on the internet.
Until relatively recently, one might have believed that disciplined software updates, patching, and up-to-date antivirus software would adequately protect a business against ransomware and other threats. Then, in December 2020, while the world was focused on other things, we learned of a new route of infection: a trusted third-party supplier. Security researchers discovered a highly sophisticated intrusion that leveraged a commercial network-management product. Advanced persistent threat (APT) actors had compromised SolarWinds' software build process and inserted a backdoor into signed updates of its Orion platform, so that installing a product meant to monitor networks and guard against service interruption in fact handed the attackers a way in. Keeping systems patched remains essential; the lesson is that the software you trust to deliver those updates is itself part of your attack surface.
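Of the entry points above, RDP brute forcing is the one that leaves the cleanest signal in your own logs: a burst of failed logons from a single source address, often cycling through account names, sometimes followed by a success. The following is an added example, not code from the original article, that runs exactly that check over a handful of constructed events in a Windows-Security-log style (Event ID 4625 is a failed logon, 4624 a successful one, and Logon Type 10 is RemoteInteractive, i.e. RDP). The line format, the five-failures-in-five-minutes threshold and the addresses are assumptions for illustration.

```python
"""Flag password guessing against RDP from failed-logon events.

Added illustration, not code from the original article. The event lines
are constructed to resemble a Windows Security log export (Event ID 4625 =
failed logon, 4624 = successful logon, Logon Type 10 = RemoteInteractive,
i.e. RDP); the exact line format, threshold and addresses are assumptions.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: a password-guessing burst from 203.0.113.45 that
# ends in a successful logon, a user mistyping twice from 198.51.100.7, and a
# local (non-RDP) failure that the detector should ignore.
SAMPLE_EVENTS = """\
2021-06-01T02:14:01Z 4625 LogonType=10 Account=administrator Source=203.0.113.45
2021-06-01T02:14:02Z 4625 LogonType=10 Account=admin Source=203.0.113.45
2021-06-01T02:14:02Z 4625 LogonType=10 Account=root Source=203.0.113.45
2021-06-01T02:14:03Z 4625 LogonType=10 Account=backup Source=203.0.113.45
2021-06-01T02:14:04Z 4625 LogonType=10 Account=sales Source=203.0.113.45
2021-06-01T02:14:05Z 4625 LogonType=10 Account=jsmith Source=203.0.113.45
2021-06-01T02:14:06Z 4624 LogonType=10 Account=jsmith Source=203.0.113.45
2021-06-01T09:05:10Z 4625 LogonType=10 Account=mjones Source=198.51.100.7
2021-06-01T09:05:40Z 4625 LogonType=10 Account=mjones Source=198.51.100.7
2021-06-01T09:06:02Z 4624 LogonType=10 Account=mjones Source=198.51.100.7
2021-06-01T11:20:00Z 4625 LogonType=2 Account=frontdesk Source=-
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<event>\d{4}) LogonType=(?P<ltype>\d+) "
    r"Account=(?P<account>\S+) Source=(?P<src>\S+)$"
)


def parse_events(text):
    """Parse the constructed export format; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
            "event": int(m["event"]),
            "ltype": int(m["ltype"]),
            "account": m["account"],
            "src": m["src"],
        })
    return events


def detect_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=5)):
    """Return {source_ip: finding} for sources with at least `threshold`
    failed RDP logons inside a sliding time window.

    Each finding records the peak failure count seen in the window, the
    account names tried, and whether a successful RDP logon from the same
    source followed the burst (the case that needs an immediate response).
    """
    recent = defaultdict(deque)   # src -> deque of (timestamp, account) failures
    findings = {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["ltype"] != 10:     # only RDP (RemoteInteractive) logons
            continue
        src = ev["src"]
        if ev["event"] == 4625:
            q = recent[src]
            q.append((ev["ts"], ev["account"]))
            while q and ev["ts"] - q[0][0] > window:   # drop failures outside the window
                q.popleft()
            if len(q) >= threshold:
                f = findings.setdefault(
                    src, {"failures": 0, "accounts": set(), "success_after": False})
                f["failures"] = max(f["failures"], len(q))
                f["accounts"].update(account for _, account in q)
        elif ev["event"] == 4624 and src in findings:
            findings[src]["success_after"] = True
    return findings


if __name__ == "__main__":
    for src, f in detect_rdp_bruteforce(parse_events(SAMPLE_EVENTS)).items():
        status = "SUCCESSFUL LOGON FOLLOWED" if f["success_after"] else "no success seen"
        print(f"{src}: {f['failures']} failures, accounts {sorted(f['accounts'])}, {status}")
```

On the sample, only 203.0.113.45 crosses the threshold, and because a 4624 from the same source follows the burst the finding is marked as a likely successful break-in rather than mere noise; the two failures from 198.51.100.7 stay below the threshold. The sliding window matters: a slow guess every few minutes spread over a day would evade a five-minute window, so in practice you would also keep a longer-window, lower-rate rule, or simply not expose RDP to the internet at all.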
The persistent threat of ransomware and other cyberattacks is a clear and present danger to our trade, commerce, financial, and government systems. What can the owner of a small or midsize business do to mitigate risk?
1. Protect your points of entry
Website intrusion, email, user clicks, and malware (delivered by many means, including insider threat) all represent risk. Ensure your IT team, whether internal or external to your organization, takes security seriously. Provide employees with ongoing, active training in data security practices: using strong, unique passwords (with multi-factor authentication wherever it is offered), recognizing spam and phishing techniques, verifying that a sender's address is genuine before acting on a message, and never opening an attachment they were not expecting.
2. Discuss cyberthreats with vendors
Your company is your responsibility and protecting it sometimes requires you to have uncomfortable conversations with business partners. Ask your vendors about their cybersecurity protocols and have them brief you about how they protect your data and what the plan is in the event of a cyberattack. In addition, be sure you have a backup plan should your primary vendors be unable to operate normally.
3. Publicly discuss cybersecurity
No doubt your firm has safety procedures in place, but educating your employees to be on the lookout for spam, phishing, and ransomware is just as critical. Be active with your local, state, and federal lawmakers and representatives regarding cybersecurity legislation. And if you are compromised by a cyberattack, always report it to the FBI (through its Internet Crime Complaint Center, IC3); whether you did so is the first question your cyber insurer will ask.
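The email habits point 1 asks staff to learn (verify the sender, be wary of unexpected attachments, especially Word and Excel files) can also be enforced by a mail gateway or a help-desk triage script before a message reaches a person. The following is an added example, not from the original article, that parses two constructed messages and reports those signals. The lookalike domain, the macro-capable extension list, the rule that Reply-To and Return-Path should share the visible From domain, and the "enable editing" lure check are all assumptions a mail administrator would tune to their own environment.

```python
"""Triage an inbound email for the phishing signals point 1 tells staff to watch for.

Added example, not from the original article. Both messages are constructed;
the macro-capable extension list, the rule that Reply-To and Return-Path
should share the From domain, and the lure-phrase check are assumptions.
"""
import os
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr

# Office formats that can carry macros: the legacy binary formats always can,
# and the *m variants are explicitly macro-enabled.
MACRO_CAPABLE_EXTENSIONS = {".doc", ".xls", ".ppt", ".docm", ".xlsm", ".xlsb", ".pptm"}
LURE_PHRASES = ("enable editing", "enable content", "enable macros")

# Constructed lookalike-domain invoice lure carrying a macro-enabled spreadsheet.
PHISH_MESSAGE = b"""\
Return-Path: <billing@acme-invoices.example>
From: "Acme Accounts Payable" <ap@acme.example.com>
Reply-To: <billing@acme-invoices.example>
To: <owner@smallbiz.example.net>
Subject: Overdue invoice - please review
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="us-ascii"

Please open the attached invoice and click Enable Editing to view it.
--b1
Content-Type: application/vnd.ms-excel.sheet.macroEnabled.12; name="invoice.xlsm"
Content-Disposition: attachment; filename="invoice.xlsm"
Content-Transfer-Encoding: base64

UEsDBBQAAAAIAA==
--b1--
"""

# Constructed ordinary message from the genuine vendor domain, no attachment.
CLEAN_MESSAGE = b"""\
From: "Acme Accounts Payable" <ap@acme.example.com>
Reply-To: <ap@acme.example.com>
To: <owner@smallbiz.example.net>
Subject: Statement for May
Content-Type: text/plain; charset="us-ascii"

Your May statement is available in the customer portal you already use.
"""


def domain_of(header_value):
    """Lower-cased domain of an address header, or '' if absent or unparseable."""
    _, addr = parseaddr(str(header_value) if header_value else "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def triage(raw_message, expected_attachment=False):
    """Return a list of human-readable findings; an empty list means no signal."""
    msg = BytesParser(policy=policy.default).parsebytes(raw_message)
    findings = []

    # 1. "Verify the sender": replies or bounces routed to a different domain
    #    than the visible From address are a classic sign of a lookalike domain.
    from_domain = domain_of(msg["From"])
    for header in ("Reply-To", "Return-Path"):
        other = domain_of(msg[header])
        if other and other != from_domain:
            findings.append(f"{header} domain {other!r} differs from From domain {from_domain!r}")

    # 2. "Never open an attachment unless you are expecting it", and treat
    #    Word/Excel files that can run macros as the riskiest kind.
    for part in msg.iter_attachments():
        name = part.get_filename() or "<unnamed>"
        if not expected_attachment:
            findings.append(f"unexpected attachment {name!r}")
        if os.path.splitext(name)[1].lower() in MACRO_CAPABLE_EXTENSIONS:
            findings.append(f"attachment {name!r} is a macro-capable Office file")

    # 3. Wording that coaxes the reader into switching off Office's protections.
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().lower() if body else ""
    if any(phrase in text for phrase in LURE_PHRASES):
        findings.append("body asks the reader to enable editing/content/macros")
    return findings


if __name__ == "__main__":
    for label, raw in (("phish", PHISH_MESSAGE), ("clean", CLEAN_MESSAGE)):
        print(label, triage(raw) or ["no findings"])
```

The phishing sample trips every check (two mismatched routing headers, an unexpected macro-capable attachment, and an "Enable Editing" lure), while the clean statement produces nothing. None of these checks proves a message is malicious on its own; their value is in turning the vague instruction "be careful with email" into specific questions an employee or a filter can answer.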
To protect your business, be prepared
Our digital networks link us all together, but they also make us vulnerable to bad actors from anywhere across the globe. Prepare your business for the possibility of cybercrime like you would prepare against any other disaster or unexpected event.
About the Authors
Terry J. Ingram is a Partner at Newport, LLC, where he serves as a corporate adviser on global expansion, repatriation of products and services, and acquisitions and turnarounds, with a keen focus on revenue growth, critical path engineering, and sales; reach him via email at email@example.com. Michael Evans has been with Newport LLC since 2012, where he serves as a board member and Chief Executive Officer, and writes and reports on a variety of business topics for emerging growth companies. See Michael's articles and full bio at AllBusiness.com and LinkedIn.
This article was originally published on AllBusiness.com.