November 13, 2015

SMBs lose around $38,000 in every cyber-attack

According to a study by Kaspersky Lab and B2B International, the amount of financial loss suffered by small and medium businesses as a result of cyberattacks continues to grow

According to a study1 by Kaspersky Lab and B2B International, the amount of financial loss suffered by small and medium businesses as a result of cyberattacks continues to grow. In 2015, the damage from one cyber incident averaged $38,000. That sum includes the cost of calling in specialists to clear up the after-effects, missed business opportunities and losses caused by downtime.

As a rule, market penetration and financial stability are the main priorities for small business owners, who pay little or no attention to information security. As a result, their neglected IT infrastructure becomes a prime target for cybercriminals.

The study found that in the last year around a third of small and medium businesses suffered downtime and missed business opportunities, and 88% of them had to turn to third-party experts for help. On average, the latter accounted for about $11,000 of a company’s expenses. Lost profits, accounted for $16,000, while reputational losses – the damage to a company’s image – was estimated at more than $8,000, according to the respondents.  

Every small or medium business faces the risk of incurring this scale of loss. The study shows that almost all organizations (90%) were subjected to external threats at least once during the year, and 73% of respondents encountered internal threats such as software vulnerabilities, or the risk of employees losing mobile devices or causing data leaks.

One of the key reasons for the high cost of cyber incidents is the fact that, if not prevented, cybercriminals gain access to sensitive corporate information. More than a third (39%) of companies confirmed they have lost confidential data as a result of a cyberattack.

"When launching their latest venture, entrepreneurs need to carefully consider their investment and every aspect that could affect the company’s profit and reputation. That’s why it’s important to remember that any automation of business processes is associated with information security risks. The study shows that the potential losses greatly exceed the cost of security solutions, so we strongly recommend thinking about your company’s information security in advance," said Konstantin Voronkov, Head of Endpoint Product Management, Kaspersky Lab.

To support small companies, Kaspersky Lab offers Kaspersky Small Office Security, a solution especially designed for this business segment. For medium-sized companies there is Kaspersky Endpoint Security. Both solutions are designed to provide reliable multi-level protection to all elements of the IT infrastructure. Easy to deploy and manage, they protect against cybercriminals while the company focuses on its key business goals.


1The information security of businesses - Kaspersky Lab and B2B International, 2015. Over 5,500 IT specialists were surveyed from more than 25 countries around the world.

Articles related to Product news

  • Android Ransomware: Four-fold Increase in Number of Users Attacked in One Year

    The number of users attacked by ransomware targeting Android-based devices has increased four-fold in just one year, hitting at least 136,000 users globally. A report on the ransomware threat landscape, conducted by Kaspersky Lab, also found that the majority of attacks are based on only four groups of malware. The report covers a full two-year period which, for reasons of comparison, has been divided into two parts of 12 months each: from April 2014 to March 2015, and April 2015 to March 2016. These particular timescales were chosen because they witnessed several significant changes in the mobile ransomware threat landscape.

    >
  • Damage to Customer Trust and Corporate Reputation are Among the Most Harmful Consequences of DDoS Attacks

    The consequences of a Distributed Denial of Service (DDoS) attack extend far beyond financial considerations. These attacks damage a company’s relationship with its customers, according to the research from Kaspersky Lab and B2B International.

    >
  • Kaspersky Lab Exposes Facebook Phishing Attacks: 10,000 Victims in Two Days

    A Kaspersky Lab security expert has uncovered a malware attack that tricked around 10,000 Facebook users around the world into infecting their devices after receiving a message from a friend claiming to have mentioned them on Facebook

    >