ShareFile Blog

How much could a cybersecurity attack cost your small business?

In today’s digital age, cybersecurity breaches are making headlines almost daily. Hackers are working around the clock to find new targets and vulnerabilities to exploit. And they’ve recently set their sights on a new target: small businesses.

While many of the incidents that make headlines are high profile or involve large enterprises—half of all small businesses experienced a breach over the past year, according to a Ponemon study.

But why?

Hackers are realizing that small businesses often can’t afford robust IT staff or budget to prevent attacks. They also have high-value sensitive and personal data that may not be adequately protected, making them easy targets.

Are you at risk?

In a recent Manta study, 87 percent of small-business owners said they don’t feel at risk of a cyber attack. And 1 in 3 small businesses don’t have tools in place to prevent attacks.

“Most small-business owners don’t think they’re at risk. As a result, it’s fair to say they are indeed ill-prepared to safeguard against an attack,” Bryan Seely, a network engineer famous for hacking into the FBI, told CNBC.

Small businesses are particularly vulnerable to email phishing attacks. And hackers are finding it easier than ever to steal credit card information from small businesses’ online retail operations.

“Because value can be stored in so many different ways now online, it opens up so many different ways of attacking for fraudsters,” Rahul Pangam, a former Google engineer and now CEO of Simility, told CNBC. “Ten thousand promotion codes at $5 each—that might literally bankrupt a business in the retail sector.”

Ransomware attacks—where a hacker holds data or machines hostage for a ransom—are also increasing. Because small businesses often have just enough money to get their data back, they’re often left without the funds to investigate details of the breach—leaving them vulnerable for future attacks.

How much could an attack cost you?

Ransoms targeted at small business and startups range anywhere from $500 to $50,000. The average ransom in 2016 was $679, which is more than double 2015’s $295.

The small businesses that reported a breach in the Ponemon study spent an average of $879,582 because of damage or theft of IT assets, and operations disruptions cost an average of $955,429.

But the non-financial losses can be even harder to bounce back from. Things like wining back your customers’ trust and repairing a damaged reputation can have big long-term impacts on your bottom line.

Worse yet, up to 60 percent of small and medium businesses that are hacked go out of business within six months after a cyberattack, according to a U.S. National Cyber Security Alliance report.

Start protecting your small business today

While the looming threat of attacks may feel overwhelming, there are some things you can do almost immediately to protect your small business:


Can your business hold up against a cyberattack? Take our short quiz and see how you stack up: