data breach

The Real Cost of an Untimely Data Breach (and How Your Startup Can Protect Itself)

We live in a day and age when companies big and small are increasingly connected to the internet. While this has streamlined many aspects of starting and running a business, the increased connectivity has also introduced new challenges. 

Hacking and data breaches pose a significant threat to businesses, especially with the increased usage of smartphones and other devices in the workplace. Many of these devices are not properly secured, which gives hackers surprisingly easy access to confidential data. And these attacks are becoming increasingly common.

A 2017 study by Hiscox found that 72 percent of large businesses in the U.S. had experienced a cyber attack in the previous year, with 47 percent being subjected to two or more attacks. Though big businesses are more commonly targeted, startups are also at risk.

What are the costs of a data breach?

While it’s easy to understand that a data breach is a bad thing, it can sometimes be difficult to quantify just how much a breach can cost.

However, an infographic published by Cloud Management Suite helps put things in perspective with some sobering statistics — namely, that the average cyberattack will result in $1.7 million in losses for a business.

Here’s how those costs break down on a more detailed level:

  • $517,599 in lost services
  • $414,128 in tech support to fix the breach
  • $346,062 in operational costs
  • $229,071 in lost workplace efficiency
  • $199,201 in IT damage

These figures only account for direct outcomes of the breach. Significant breaches can completely derail your efforts to gain customer trust, resulting in lost revenue.

A data breach that results in stolen customer information could even subject you to a class action lawsuit. For a small business with relatively tight operating expenses, such losses could completely destroy your startup.


Related: Communicating During a Crisis: Your Startup and Cybersecurity

Take preventative steps

Keeping your business safe from digital threats isn’t always easy, but following a few basic guidelines will go a long way in mitigating your risk.

As William Chalk notes, one of the best ways to secure your data is to implement security systems on a network-level scale, rather than on each individual device. Limiting the number and type of devices that can gain access to your company network can further reduce risk of a breach.

“It’s worth considering investment in ‘unified threat-management platforms,’ otherwise known as UTMs. This will replace the standard router that most consumers use to manage their networks. The UTM will combine a firewall, content filtering and antivirus protection into one piece of equipment with one set of controls. Compared to many alternatives, this is simple to sustain, quick to set up and cost-effective,” Chalk explained.

Of course, people often pose the biggest digital security risk.

A 2018 report found that 47 percent of data breaches are the result of “human error.”

This includes common issues such as clicking on suspicious links or leaving a computer open and unattended. Another analysis of historical data breaches found that “employee negligence or malicious acts accounted for two-thirds of cyber breaches.”

Because of this, security-minded startups need to go beyond investing in quality network security. They must also provide training to all employees regarding digital security practices. Even something as simple as implementing two-step verification or requiring stronger password settings could help prevent a breach.

Startup leaders should also be mindful of limiting employee access to sensitive information. Even if you have a relatively small team, you don’t want everyone to have full access to your data. Make sure each team member only has access to what they need for their work in order to reduce the risk of a disgruntled employee causing an intentional breach.


Sign Up: Receive the StartupNation newsletter!

Implement a recovery plan

Data breaches aren’t always focused on stealing your information. Ransomware attacks block access to a device or even an entire network until a company pays a set amount of money. Other malicious attacks will seek to erase or alter information.

Though improving your digital security measures can reduce the risk of a breach, it’s essential that you prepare for the worst. After all, a data breach is far from the only way you could lose your data. A hard drive crash or even a natural disaster could similarly destroy the information that is so vital to running your business.

In the digital world, most security experts recommend following the “3-2-1” data backup rule.

“The 3-2-1-1 rule requires maintaining three copies of business data, stored on two different types of media, with one copy stored on-site and one copy stored off-site, with one of those copies physically removed from the network, creating an air gap that cannot be hacked or ransomed,” John Edwards explained.

Continually backing up your company data through the cloud and with physical means will ensure that you can recover valuable information should it ever be stolen or destroyed. Developing a thorough recovery plan in conjunction with a cybersecurity professional will help you outline additional steps that your business may need to take to minimize damage and potential liability concerns.

Stay safe

Cybersecurity is a significant issue in today’s business world, and one that can prove devastating to your startup if you don’t take proper steps. By taking active steps to implement and improve your cybersecurity, you will protect your company’s future.

Leave a Reply
Related Posts