According to a study by Kaspersky Lab and B2B International, the amount of financial loss suffered by small and medium businesses as a result of cyber-attacks continues to grow. In 2015, the damage from one cyber incident averaged $ 38,000. That sum includes the cost of calling in specialists to clear up the after-effects, missed business opportunities and losses caused by downtime.
As a rule, market penetration and financial stability are the main priorities for small business owners, who pay little or no attention to information security. As a result, their neglected IT infrastructure becomes a prime target for cyber-criminals.
The study found that in the last year around a third of small and medium businesses suffered downtime and missed business opportunities, and 88 per cent of them had to turn to third-party experts for help. On average, the latter accounted for about $ 11,000 of a company’s expenses. Lost profits, accounted for $ 16,000, while reputational losses – the damage to a company’s image – was estimated at more than $ 8,000, according to the respondents.
Every small or medium business faces the risk of incurring this scale of loss. The study shows that almost all organisations (90 per cent) were subjected to external threats at least once during the year, and 73 per cent of respondents encountered internal threats such as software vulnerabilities, or the risk of employees losing mobile devices or causing data leaks.
One of the key reasons for the high cost of cyber incidents is the fact that, if not prevented, cyber-criminals gain access to sensitive corporate information. More than a third (39 per cent) of companies confirmed they have lost confidential data as a result of a cyber-attack.
“When launching their latest venture, entrepreneurs need to carefully consider their investment and every aspect that could affect the company’s profit and reputation. That’s why it’s important to remember that any automation of business processes is associated with information security risks. The study shows that the potential losses greatly exceed the cost of security solutions, so we strongly recommend thinking about your company’s information security in advance,” said Konstantin Voronkov, Head of Endpoint Product Management, Kaspersky Lab.