Major data breaches seem to be trending lately—just look at the massive Facebook breach of as many as 50 million users in late September 2018 (not its first, and likely not its last). In fact, cybersecurity breaches have skyrocketed since 2011, as Forbes reported there were 23 million incidents in 2011 alone; since the 30 million recorded breaches in 2013, the rate has increased an average of 33 percent annually.
This year we’re on track to hit 100 million breaches, which should be frightening for businesses of any size. While a global multibillion-dollar corporation like Facebook can survive the financial repercussions of several major data breaches, a single occurrence could be fatal to smaller companies.
“Businesses can’t afford to ignore cybersecurity,” Stacy Bertrand, manager of information security strategy and metrics for City National Bank, told Crain’s New York Business. “It used to just be the big players that had cyber-related incidents, but now we're really seeing it at small and mid-sized companies, and attacks seem to be increasing daily."
The challenge?
Building a security squad is costly and time-intensive, and recruitment can be draining. But the truth of the matter is that not investing in cybersecurity may cost you even more in resolution fees—fees so high that they could possibly lead to bankruptcy. According to an IBM study, the average cost of a data breach is $3.86 million. The cost changes depending on the industry, with highly regulated sectors like healthcare and finance clocking in at $408 and $204 per stolen record, respectively. The lowest cost of a data breach, seen in public industries, is $75 per capita.
Due to the hefty price tag, it may seem that a cybersecurity requirement puts smaller companies at an inherent disadvantage. But that’s not necessarily the case. The cybersecurity industry is rapidly growing—in the U.S. spending jumped from $40 billion in 2013 to $66 billion this year, —which has generated more affordable options for companies with a limited budget. One expected trend for cybersecurity is a move toward outsourcing services locally, which is otherwise referred to as near sourcing. This enables companies to reduce costs—as much as $400,000 annually for every 100 users—by enlisting IT experts only when they are needed.
Still not convinced of cybersecurity’s worth?
In analyzing the targeted industries of previous attacks, experts have determined that hackers go after companies that are most vulnerable rather than most profitable, Forbes reported. This means having a strong security system in place could stop hackers from even considering you a target.
But investing in cybersecurity is more than a defensive move, it’s good business. Websites that operate via HTTPS rather just HTTP (you know, those letters before a URL) signify that it is a secure environment for customers’ sensitive information, like credit card numbers. Not only does this give clients peace of mind and establish trust in the company, but also Google ranks these sites higher in search-engine results (and Google Chrome labels HTTP sites as “Not Secure,” which scares away potential customers).
Without cybersecurity, the concept of privacy would be obsolete. Today, people manage every facet of their lives online—retirement, health care, bank activity, shopping, you name it—and companies play a significant role in protecting their information. Not to mention customers today have high expectations, and one thing they fully expect is a safe and secure online user experience. If you don’t provide that, they’ll find someone who does.
To compete and thrive in today’s world—one with increasing accountability and pressure from factors beyond our control—businesses will need to be ahead of any potential disruptions. Not investing in cybersecurity puts you and your consumers at risk. One that neither of you can afford.