This topic may seem like a departure since we typically cover trends in this space. But there is a trend—small businesses are increasingly at risk from cyberattacks.
Is your small business one of them? It’s a real possibility, according to a recent report from Shred-it. The 13th annual Data Protection Report (DPR), Vulnerable Small Businesses Risk Losing More than Just Money, reveals that the cost of data breaches to businesses is at its highest level ever, with an average loss of more than $4.4 million globally, over $9.4 million in the U.S. This could crush a small business as they face potential regulatory actions and fines, legal fees and the loss of customers.
According to the DPR, about 25% of small business leaders (SBL) surveyed say they’ve experienced a data breach, and half say it was caused by employee error. Almost all (over 90%) of the SBLs believe that data and information protection and compliance training should be put into practice to protect their businesses from future breaches.
Some insights from the report:
Training and Education Help Mitigate Future Risks
- 71% of SBLs surveyed are afraid their employees won’t know what to do in the event of a breach
- Only 15% require their employees to take any training
- 63% admit they don’t have a reliable source to maintain relevant policies and training
Compliance Seems Overwhelming
- 76% of the SBLs surveyed worry that regulations will only become more complicated and burdensome in the future
- 67% are overwhelmed by the thought of changing procedures to meet existing regulations
According to Michael Borromeo, vice president of data protection at Stericycle, Shred-it’s parent company, the solution is that “Small businesses need to be proactive and allocate more budget upfront. [Otherwise, they’ll] risk significant revenue loss that is difficult to recover from. They [can] protect themselves by offering regular employee training and developing an understanding of the shifting data protection regulatory landscape.”