Problems with cyber breaches are not just confined to big businesses and they can have serious and detrimental effects on smaller businesses as well. All businesses regardless of their size, now rely on systems that are based on technology, sole traders and micro businesses may have a single desktop or laptop computer, small and medium-sized businesses may have introduced integrated systems, with more than one computer a shared CRM system and the delights of managing your own servers, or perhaps outsourcing to cloud-based storage systems.
We also need to bear in mind that in the post GDPR world that we all now live in, companies have 72 hours to report cyber breaches or you could have to face regulators and potential heavy fines.
It’s easy for many of us to say it won’t happen to us, but these breaches are not always the criminal attacks on bigger businesses that we see widely reported in the press.
As business owners we should be aware of the threats, so, as well as the obvious attacks for criminal gain, some breaches can be purely random malicious attacks by hackers. There are also the breaches caused by the companies own system problems or glitches, as well as those down to human error, either by your own employees or third-party contractors and sometimes you may have a disgruntled member of staff or third-party supplier causing a nuisance.
The problems caused by such data breaches are serious
- Business Interruption, if you are an owner operator the main impact is the time it takes you to investigate and correct the breach, there is also a potential financial cost as we are not all tech experts and we may need to buy in additional help to resolve the issue.
- Reputational Damage, having to explain the breach to customers is embarrassing and erodes the trust you have built with customers and suppliers over the years and its time you should be spending growing and developing your business
- Misuse of customer information, if customers and impacted by a flood of malicious, criminal or just nuisance emails and phone calls due to a breach of your systems then they have time and monetary cost, with your problem becoming their problem, they won’t be happy!
- Data or Software damage, if your systems and software are damaged there is a cost to repair or replace these things.
- Extortion, you become open to criminal activity, we have disabled your system, but we can get your system back up and running quickly if you pay us, OUCH!
- Dealing with regulators and potential fines, if you have got it wrong regulators may get involved and this has an impact in terms of time spent with them in sorting out the issue, if you have got things deliberately wrong then you may also be hit with sizeable fines.
- Loss of intellectual properties, if you have a small business with some real intellectual advantage over your competitors then a breach will mean your advantage is gone and competitors will be aware of your advantages.
So, what can small business owners do about the threat of cyber breaches, well the first and easiest thing to do is ask yourself some questions, with what if being the best one. What if my systems stopped working, could I continue to do business, do I back up my system at the end of every day or week depending on my own circumstances? What if a member of my staff decided to take data for malicious reasons, can I limit access, who can get at what data, should I remove the ability for staff to download information on to memory sticks?
By asking yourself the right questions to highlight the potential risks, you can then look at actions you can take to limit the risks to you and your business, backing up your data and taking a long hard look at your own internal risks, staff and third parties you can dramatically reduce the chance of you being badly affected by a cyber breach.