Globally, commercial fraud losses are mounting. The specter of cyber attacks has become a constant risk to Small Business financial health; the negative impact is growing exponentially — damages as a result of cyber attacks are expected to cost $6 Trillian annually by 2021 (Source: Cyber Security Ventures).
Many attacks target the most vulnerable with nearly half of all cyber attacks affecting small business Thieves are finding that all too often small business fraud pays more than consumer fraud. The dollar value of the average business fraud loss far exceeds that of consumer fraud, with business fraud losses being three to 10 times larger than that of consumer fraud loss. So, the thieves have a much higher return on investment targeting a legitimate small business.
The exposure to business insurers is material and growing, with cyber claims totaling more in 2017 than the previous 4 years combined! So, this could be the tip of the iceberg; claims including ransomware have grown 16% year over year, and with the significant breaches of 2017, it’s safe to expect that figure to increase.
How prepared are Small Businesses for cyber attacks?
Experian conducted a survey of 150 small business owners throughout the United States to get a sense of how this population is approaching risk mitigation and response. The key takeaway? Small Businesses are more at risk than they think, and are not taking proactive steps to allocating budget to defend against cyber attacks.
The majority of businesses (58%) are in fact worried about cyber attacks, but 51% of these businesses are not allocating any budget at all to risk mitigation. Other highlights from the survey: 31% of small businesses are not taking any proactive measures to mitigate cyber risk, and only 12% of small businesses have a breach preparedness plan in place.
Savvy small business owners monitor their business information and those they do business with to stay ahead of cyber fraud. It’s critical to know how your business is seen by others, this includes your business credit, cyber threats, and supply chain. Taking steps to monitor these aspects of your business is the first step for having a plan to managing your risk.
Additionally, take the time to bake-in cyber security best practices to your business plan and corporate culture, and have a breach preparedness plan in place to minimize the impact of a breach. Such critical steps managing potential risk of business relationships, data and reputational health could mean the difference between your profit and loss — your success and failure.
Bottom line: Cyber risk protection for small businesses requires an entirely different approach. It will take collaboration between the security industry and public and private sectors to help bring security best practices from the back burner to top-of-mind for small business owners. These groups must become aware of the unique threats facing their business, and learn how they can help mitigate risk, while mastering their own small business health and reputation.