Small business? Big cybersecurity risk
Globally, cyberattacks are on the rise and more small businesses are being targeted. According to the World Economic Forum (WEF), cybercriminals often target smaller companies that serve larger clients.
Small, medium & micro enterprises (SMMEs) that serve critical infrastructure providers and global corporations are particularly at risk, as are those with systems that integrate into regulated industries like insurance, healthcare, banking and credit monitoring.
For these smaller companies, the implementation of robust cybersecurity measures, and insuring against the effects of a breach, are often constrained by budget. However, these costs must be factored into monthly operational costs, says George Parrott, a partner at King Price Insurance.
He lists seven reasons SMMEs need to invest in cybersecurity and insurance:
1. The actual cost of a breach
While IBM reports the hard costs related to data breaches increased during and after the pandemic, it’s often difficult to define the real cost of a security breach, which includes intangibles like loss of trust, reputation and loyal customers.
2. Remote and hybrid work
IBM notes that, in 2021, the remote and hybrid work setups necessitated by COVID-19, which have since become the new norm, contributed to the highest average cost of cyber incidents in 17 years: $4.24 million. This is a full 15% increase from three years prior. In addition, breaches cost $1 million more when remote work was a factor, compared to companies that retained full in-house capabilities. These figures represent global statistics but, if you apply the current rand/dollar exchange rate, it becomes apparent these numbers need to be taken seriously.
3. More mobile devices
There are now billions of connected devices, and each presents an opportunity for cybercriminals. Every new Bluetooth speaker and smart appliance, for example, represents a potential entry point for a cyberattack.
4. Increasing uptake of apps and AI tools
Time-savers like PDF and image conversion apps are handy but, if they’re not officially sanctioned, they’re known as ‘shadow IT’ because they could be doorways for cybercriminals to enter uninvited.
5. Cybercrime consortiums
Modern hackers have forums, networks and tools, and they work together to find technical vulnerabilities.
6. Time taken to detect
On average, it takes nearly 287 days to detect and contain a data breach. A solid cybersecurity and insurance strategy can reduce this time, helping businesses bounce back faster.
7. Trust
When a company’s customers know the security of their data is prioritised, it helps to build trust – an important pillar for ongoing relationships.
Implementing sound protection against cybercrime has myriad facets, and if SMMEs don’t have adequate technical IT skills in-house, it makes sense to outsource these functions to a specialist company. At the very least, SMMEs should have a few security protocols in place, including firewalls, documented cybersecurity policies, ongoing employee education, enforced safe password practices and regular data backups.
It’s important to bear in mind, though, that these are protections – not guarantees.
As both local and global SMMEs grapple with cybersecurity challenges, the WEF’s Global Cybersecurity Outlook Report 2024 states that more than 30% of organisations that are breached report a reduced inability to deal with attacks. This supports the argument in favour of partnering with IT security professionals to help prevent breaches, as well as with insurers that offer protection and support in the wake of breaches.
“As SMMEs integrate into the global digital ecosystem, they encounter new risks and vulnerabilities. Any organisation that holds the personal information of clients or employees – which, by default, includes every single organisation – or which has access to systems operated by external parties must start prioritising cybersecurity. A failure in this regard threatens the organisations as well as the wider ecosystems they operate in,” concludes Parrott.
Image credit: peoplecreations/Freepik