What actually happens to a small business after they have suffered a breach? Unfortunately, the aftermath of a security breach does not look too pretty.
I am guessing that you have read a fair share of articles regarding cyber-security which, to me, seem to have appeared more copiously than ever this year. Interesting though is the lack of discussion about what actually happens to a small business after they have suffered a breach. Unfortunately, the aftermath of a security breach does not look too pretty.
I’ve been breached…
According to the PWC Information Security Breaches Survey 2015, a breach on average costs a small company between £75k and £311k. Small organisations appear to be subject to greater targeting by outsiders, with malicious software impacting nearly three-fifths of small organisations. These figures account for the breach itself but sadly, it doesn’t stop there…
Following a breach a business must spend time responding to the incident which on average can take between 13-24 working days. It is certain to say that both time and money costs will be dedicated to resolving the issue and to prevent any further damage to the company depending on the type of attack it is.
Disruption to the business can take between 2-12 working days to rectify and can cost between £40,000-£225,000. On top of this regulatory fines and compensation payments must be paid and costs increase further due to lost assets.
Security breaches leave business trust in jeopardy. Clients will turn to competitors instead and can result in £25,000-£45,000 of lost business. Not only will trust be lost by clients but also by employees, some of whom may resign. Remember, it’s not just client’s confidential data you are housing but your employee’s too. Rebuilding trust, your brand and reputation will not just cost you money but will take time, effort and will take extra dedication to marketing your business in order to wipe the slate clean and be shown in a new, positive light.
What can I do?
It is not all bad news in this blog! A security breach (I hope) has not happened to your business and there are some simple steps you can take to avoid journeying on this unravelling road of disastrous consequences.
The first thing I will say is obvious but it still needs to be said. Cyber-security measures should be put in place. Cyber-security will create a strong barrier to defend against malicious activity and will also give you some peace of mind knowing that you are secure. Secondly, all employees should be educated so they are cyber-aware and stay vigilant as it is everyone’s responsibility to keep the company doors shut to intruders (if you have been following our previous blogs this may seem repetitive now! Click here for more.) On top of these two preventative measures is the need for cyber insurance which you can read about in another previous blog here. In a nutshell, cyber insurance covers a range of insurance policies such as data breach/privacy management cover and extortion liability cover so in the unlikely event you are breached (given that you have cyber-security solutions in place) cyber insurance will help you in tackling all the aforementioned factors to get your business back up and running.
Safe to say a breach is not something any company will welcome with open arms but without taking action invites hackers to feast on your data. However, it is the aftermath of a breach that will severely damage your wallet.