Cyberattacks now cost small companies $200,000 on average, putting many out of business

Annette Riedl | picture alliance | Getty Images

In an age of ongoing digital transformation, cybercrime has quickly become today’s fastest-growing form of criminal activity. Equally worrying for modern executives, it’s also set to cost businesses $5.2 trillion worldwide within five years, according to Accenture.

With 43% of online attacks now aimed at small businesses, a favorite target of high-tech villains, yet only 14% prepared to defend themselves, owners increasingly need to start making high-tech security a top priority, according to network security leaders.

“Modern IT infrastructures are more complex and sophisticated than ever, and the amount of virtual ground that we’ve got to safeguard has also grown exponentially,” explains Jesse Rothstein, CTO of online security provider ExtraHop. “From mobile to desktop interactions, cybercriminals can launch thousands of digital attacks designed to compromise your operations at every turn, only one of which ever needs to connect to cause serious disruption.”

As a result, he says, it’s guaranteed that virtually every modern organization’s high-tech perimeters will eventually be breached. This being the case, for small business owners, it’s no longer a matter of considering if security threats will arise, but rather thinking in terms of when.

Worse, the consequences of cyberattacks continue to grow, with digital incidents now costing small businesses $200,000 on average, according to insurance carrier Hiscox, and 60% going out of business within six months of being victimized. The frequency with which these attacks are happening is also increasing, with more than half of all small businesses having suffered a breach within the last year and 4 in 10 having experienced multiple incidents, reveals Hiscox.

At the same time, though, according to Keeper Security’s 2019 SMB Cyberthreat Study, 66% of senior decision-makers at small businesses still believe they’re unlikely to be targeted by online criminals. Similarly, 6 in 10 have no digital defense plan in place whatsoever, underscoring the need for heightened industry awareness and education across the board.

“Attackers are getting smarter, attacks are occurring faster, and incidents are becoming more complex,” cautions Justin Fier, director of cyberintelligence and analytics at cyberdefense firm Darktrace. “The latest cyberattacks speedily exploit vulnerabilities in computer networks — which [can be infected] like human immune systems, changing thousands of times per second — and can overtake even major networks in an hour and a half.”

A visualization of the Darktrace artificial intelligence in action.

Photo courtesy Darktrace. 

—What’s more, given that digital threats tend to go an average of 101 days before being detected by business operators, the damage to an organization from such compromises can quickly add up.

Consider the case of humanitarian aid trip organizer Volunteer Voyages, a single-owner small business which suffered $14,000 in fraudulent charges after an online thief pilfered its debit card information, which the bank refused to reimburse. Or that of popular online food delivery startup DoorDash, which suffered a major data breach this past September, with hackers having accessed sensitive user data for over 4.9 million customers, resulting in tens of thousands in expenses. Likewise, government contractor Miracle Systems, which provides IT and engineering services to over 20 federal agencies, recently suffered losses of $500,000 to $1 million due to an internal server breach.

However, considerable as they are, these charges do not factor in additional damage to intangible assets such as brand reputation and customer goodwill. Case in point: Miracle and its clients were later shocked to discover that their data was openly being advertised for sale by hackers on international cybercrime forums for a starting price of $60,000.

The latest cyberattacks speedily exploit vulnerabilities in computer networks — which [can be infected] like human immune systems, changing thousands of times per second — and can overtake even major networks in an hour and a half.

Justin Fier

director of cyberintelligence and analytics, Darktrace

Factor in additional expenses such as regulatory compliance, attorneys’ fees, technical


Click here to view the full story