According to a study1 by Kaspersky Lab and B2B International, the amount of financial loss suffered by small and medium businesses as a result of cyberattacks continues to grow. In 2015, the damage from one cyber incident averaged $38,000. That sum includes the cost of calling in specialists to clear up the after-effects, missed business opportunities and losses caused by downtime.
As a rule, market penetration and financial stability are the main priorities for small business owners, who pay little or no attention to information security. As a result, their neglected IT infrastructure becomes a prime target for cybercriminals.
The study found that in the last year around a third of small and medium businesses suffered downtime and missed business opportunities, and 88% of them had to turn to third-party experts for help. On average, the latter accounted for about $11,000 of a company’s expenses. Lost profits, accounted for $16,000, while reputational losses – the damage to a company’s image – was estimated at more than $8,000, according to the respondents.
Every small or medium business faces the risk of incurring this scale of loss. The study shows that almost all organizations (90%) were subjected to external threats at least once during the year, and 73% of respondents encountered internal threats such as software vulnerabilities, or the risk of employees losing mobile devices or causing data leaks.
One of the key reasons for the high cost of cyber incidents is the fact that, if not prevented, cybercriminals gain access to sensitive corporate information. More than a third (39%) of companies confirmed they have lost confidential data as a result of a cyberattack.
"When launching their latest venture, entrepreneurs need to carefully consider their investment and every aspect that could affect the company’s profit and reputation. That’s why it’s important to remember that any automation of business processes is associated with information security risks. The study shows that the potential losses greatly exceed the cost of security solutions, so we strongly recommend thinking about your company’s information security in advance," said Konstantin Voronkov, Head of Endpoint Product Management, Kaspersky Lab.
To support small companies, Kaspersky Lab offers Kaspersky Small Office Security, a solution especially designed for this business segment. For medium-sized companies there is Kaspersky Endpoint Security. Both solutions are designed to provide reliable multi-level protection to all elements of the IT infrastructure. Easy to deploy and manage, they protect against cybercriminals while the company focuses on its key business goals.
1The information security of businesses - Kaspersky Lab and B2B International, 2015. Over 5,500 IT specialists were surveyed from more than 25 countries around the world.