43% of cyber attacks target small businesses, and nearly half of all SMBs have no understanding of how to protect themselves. (SCORE, Ponemon Institute).
Smaller organizations often fall under one of these three scenarios as to why they don't have an up-to-date IT environment to guard against security threats:
- The business is small, and owners haven't prioritized investing in IT – likely because they don't think it's needed.
- The business has dedicated some internal resources to IT. Still, those team members can't keep up with everything that needs to be done – especially amid strategic projects they are expected to deliver.
There's also a pervading mentality for all businesses that, "if it ain't broke, don't fix it". However, just because you're not noticing legacy system security flaws or a patch that's not deployed, it doesn't mean that all is well.
It takes hackers only minutes to get in your network, but an average of 279 days for businesses to identify and contain a breach. (IBM)
In a recent security assessment for one of our clients, we found that their system was accessed via a compromised email account two years ago. Bad actors were "in the building," so to speak, and waiting for the right time to act. We quickly got security measures in place, and four months into our project with them, we saw that bad actor trying to access the system. By this time, they were locked out, and we avoided a potentially debilitating cyber attack.
The average cost of a malware attack on a company is $2.4M. (Accenture)
This unseen and often undetected threat of malware, ransomware, viruses, etc., costs many companies dearly.
- FedEx had personal customer information stolen from an unsecured cloud storage server.
- Under Armour had 150 million cloud app users' data stolen.
- Saks Fifth Avenue had 5 million credit and debit cards stolen and sold on the dark web. (Microsoft)
These security gaps can result in significant financial loss, data privacy compliance penalties, and damage to customer satisfaction, and market reputation.
Protecting your business against cyber attacks is something you can start doing today. We have a free self-diagnostic assessment that we're happy to email you. Just reach out to us to request it.