The use of digital technology is fundamental to doing business in the digital age, but as many entrepreneurs have found out for themselves, it is not without risks. Just like how businesses are modernising their operations, so too are malicious entities that seek to harm or cause disruptions using digital tools and channels. Cyberthreats like malware and ransomware are becoming more frequent and sophisticated, and businesses bear the responsibility of protecting themselves against these activities.
Failing to comply with security measures prescribed by different authorities can have devastating consequences. On top of the financial losses directly brought about by cyberattacks, businesses that have fallen victim to cybercrime often need to pay hefty legal and regulatory penalties and deal with operational disruptions, as well as manage any fallout from reputational damage.
It’s imperative, then, for entrepreneurs like you to understand how cybersecurity can make a difference in the short- and long-term development of your endeavours. To that end, Network Edge presents a list of takeaways from recent cybersecurity statistics that can help you make the smartest possible decisions about your enterprise’s digital security.
Many small business owners think that they are too small to be targeted and that bigger businesses are more at risk because criminals simply have more to gain by going after the bigger fish. These beliefs, which offer a false sense of security, are far from the truth.
According to the 2019 Verizon Data Breach Investigations report, small businesses are primary targets for criminals and represent 43 percent of all data breaches in the same year. This is not a one-time event, as Microsoft reports that 1 in 3 small and medium-sized businesses (SMBs) were hit by successful cyberattacks in 2023.
Criminals consider small businesses as easy targets since many of them are not keen on investing in proper security measures, and they’re quite right in that assumption. According to a 2023 report published by the World Economic Forum (WEF), only 4 percent of organisations are confident that their connected devices and related technologies are properly secured against cyberattacks.
Plus, the 2020 Cyber Resilient Organization Report by IBM indicated that 77 percent of businesses do not have an incident response plan in place in case they do get attacked. Keep in mind that SMBs make up an overwhelming majority of businesses globally.
Unfortunately, it doesn’t take much for tech-savvy malicious entities to infiltrate small businesses en masse. Experts predict that generative artificial intelligence (AI) will be used for cyber activities, including cyberattacks, in the coming years. The assistance of AI can mean that criminals can carry out more personalised attacks more frequently on businesses of all sizes.
The cost of falling victim to cyberattacks is nothing to scoff at. Microsoft states that data breaches can cost an average of USD 250,000 and up to USD 7,000,000 for SMBs (or an average of NZD 445,000 and upwards of NZD 12 million for small businesses). This amount includes the cost of investigation and recovery efforts as well as fines and penalties for failing to comply with cybersecurity measures prescribed by governing bodies. In its 2023 report, the WEF expected that financial loss due to cybercrime is expected to grow 15 percent per year over the next five years, eventually reaching USD 10.5 trillion (or NZD 18.6 trillion) by 2025.
The impact of any cyberattack, however, extends well beyond monetary affairs. It will diminish customer trust in the brand, as customers are no longer confident that the affected business will be able to secure their financial information and keep it private. This can lead to lower sales and acquisitions down the line and cause long-term strain for the company.
It’s currently estimated that a cyberattack happens every 39 seconds. Ransomware, which is a type of malware that encrypts the victim’s data and uses it to ask for ransom, is the most common type of cyberattack, and 82 percent of ransomware attacks are directed at SMBs. One of every five businesses that have been hit by ransomware tend to halt their operations until the matter is resolved, and they are forced to give in to the demands of the cybercriminals to gain access to their data. The disruption and financial strain caused by ransomware attacks have such a significant impact that 60 percent of businesses that have been attacked fold within six months after such an incident.
It’s imperative for businesses, then, to protect themselves from ransomware as soon as possible. If you haven’t done so yet in your own organisation, now is a good time to start taking measures. If you can make a priority of implementing security strategies specifically against the most common type of cyberattack, you can avoid unnecessary damages and losses that have put other companies out of business.
Cybersecurity means more than just securing the digital components of your networks and organisation. According to a 2020 study, 88 percent of cybersecurity breaches are caused by human error. It’s important, then, to bolster what is typically the weakest link in an enterprise’s security posture: people. Cybercriminals are keen on exploiting human error, and they do this through phishing, social engineering, and other forms of malware-free activities that target individuals with the aim of stealing their identities and credentials.
Continuously educating employees about common scams, how to recognise them, and what to do if they encounter a security issue can have a positive impact in strengthening your own organisation’s security posture. Easy access to security experts can also encourage employees to seek assistance the moment they feel uncertain about security matters or when they feel that they have fallen victim to identity theft and phishing attacks. This, in turn, will enable the company to immediately identify issues and contain them before they cause further problems.
Boost your New Zealand-based business’s cybersecurity system and posture with expert assistance from the people at Network Edge. We offer managed security services, managed detection and response, and access and identity management solutions to our business clients. Contact Network Edge now so that we can help you protect your business on all fronts.
