SMBs face costs of up to $2.5 million after a data breach

Over half of SMBs have now had a taste of how disastrous the consequences of a data breach can be.
Written by Charlie Osborne, Contributing Writer

There's no lack of work out there for cybersecurity specialists considering how widespread attacks against organizations have become.

No matter the size, every entity is now at risk of cyberattacks, whether through supply chain security lapses, phishing campaigns, or via insider attacks and weaknesses in their own networks.

However, small and mid-market companies have become a lucrative and attractive prospect for cybercriminals. These organizations will often have smaller cybersecurity budgets and may not be able to afford or have hired a chief security officer (CSO) or in-house security team able to take on rapid response duties.

We hear that security is only as strong as the weakest link. It is often employees which fill this niche, but in the overall threat landscape, SMBs can also become a springboard for attacks on larger enterprise companies.

According to Cisco's SMB Cybersecurity Report, released on Wednesday, 53 percent of midmarket companies have experienced a data breach.

Recovering from these attacks can be both damaging and costly. It is not only damage to networks which must be repaired -- third-party cyberforensics teams are often hired, regulators may have to be notified and fines may be imposed, staff training may have to take place, and the victim organization may also pay in terms of their reputation and future business prospects.

CNET: Apple and Cisco pool their might to shield companies from cyber risks

The report, which includes 1816 survey respondents across 26 countries and also draws upon results from Cisco's 2018 Security Capabilities Benchmark Study, suggests that 29 percent of SMBs will pay under $100,000 after a data breach.

However, 20 percent say that the same incident will cost them between $1,000,000 and $2,499,999 to resolve.

TechRepublic: Cisco switch flaw led to attacks on critical infrastructure in several countries


In total, 40 percent of SMBs will experience an average of eight hours or more in system downtime due to a data breach; a similar time frame to large enterprise players.

"The difference, though, is that larger organizations tend to be more resilient than small/midmarket businesses following an attack because they have more resources for response and recovery," Cisco notes.

The core systems of SMBs are more likely to be interconnected and tightly woven together as smaller firms do not necessarily need multiple systems spread over different locations.

This may cost less to maintain, but when it comes to damage caused by a cyberattack, this is no advantage.

39 percent of respondents said that at least half of their systems have been impacted by a severe data breach in the last year.


When asked about the biggest security challenges they face, small and medium-sized businesses reported targeted attacks such as spear phishing campaigns, advanced persistent threats (APTs), ransomware infections, and Distributed Denial-of-Service (DDoS) attacks as the most concerning prospects.


However, organizations should not ignore the threat of insider attacks. A recent investigation by the tech giant suggests that 0.5 percent of employees conduct suspicious activities while on duty.

This does not seem high, but this does translate to at least two employees at a company 400-strong which could undermine entire security structures and defenses with the click of a button.

See also: Woman pleads guilty to hacking police surveillance cameras

In response to such threats, many SMBs are turning to cloud solutions to bolster their security. In 2014, roughly half of small to mid-sized businesses said they utilized cloud services; this figure is now closer to 70 percent and adoption is still on the rise.

"Incremental change is better than no change," Cisco says. "In short, they should not let a desire to be "perfect" in their security approach get in the way of becoming "better." Perfect, as in all things, does not exist."

"Small/midmarket businesses also must understand that there is no "silver bullet" technology solution to solve all of their cybersecurity challenges," the company added. "The threat landscape is too complex and dynamic. The attack surface is always expanding and changing. And, in response, security technologies and strategies must continually evolve as well."

How to discover and destroy spyware on your smartphone (in pictures)

Previous and related coverage

Editorial standards