With the U.S. being the largest economy in the world and boasting the broadest base of regular internet users, reported security breaches among businesses get a lot of attention in the news media. These happen despite more companies going to greater lengths to secure the privacy of sensitive data.
But U.S.-based businesses are the only ones increasingly in hackers' crosshairs, and organizations may need to do more to shore up their defenses, a new report suggests.
"73% of businesses would be unable to weather a cyberattack"."
Almost 75 percent of businesses in five countries – the U.K. Germany, Spain, U.S. and the Netherlands – have insufficient cybersecurity protections in place, according to a recent report from Hiscox, a specialty insurance firm.
The report came to this conclusion through several stress tests, designed to gauge just how ready the 4,100 organizations polled were to handle cyberthreats on a real-time basis, both in terms of strategy as well as execution.
Two-thirds impacted by multiple cyberattacks in last year
Not only did the businesses' attempts at defense fail to pass muster, but a substantial percentage had already experienced a breach. Indeed, 45 percent were victimized by at least one attack in the previous year and 66 percent of those dealt with two or more, the report found.
Gareth Wharton, cyber CEO at Hiscox, indicated 2017, in many ways, was the year of the hack.
"If anyone still harbored doubts about the severity of the threat, the events of the past year should have dispelled them," Wharton wrote in the report. " From the WannaCry ransomware attack to the hacking of one of the world's largest credit agencies, 2017 produced numerous reminders that operating in a connected world has fearsome perils."
This past September, credit agency Equifax disclosed that an estimated 145 million consumers' financial data had been impacted by a breach, including consumers' Social Security numbers, home addresses and driver's license information. However, as The Wall Street Journal and Associated Press reported, additional information may have been compromised, such as email addresses and income tax documents.
Financial fallout averages $229,000
Aside from the public relations toll cyberattacks can have on organizations, they pale in comparison to the financial impact. The average incident costs upwards of $229,000, the Hiscox report determined, but that's a ballpark estimate, as company size can result in financial damages in the millions of dollars. For instance, the average cost for U.S.-based companies with 100 employees or more was $1 million, but averaged $24,000 for small-business owners in Spain.
"87% of businesses in Canada have experienced at least one cyberattack."
Businesses in Canada – both large and small – aren't immune to cyberthreats either, as attacks there are proliferating. In the typical year, around 450 breaches impact entrepreneurs, based on a new report from IDC Canada. While these attacks aren't always successful, at least one was for nearly 90 percent of Canadian companies.
"As cybersecurity breaches become the new normal, organizations can't be complacent," warned Theo Van Wyk, chief security architect at Scalar Decisions, which commissioned the analysis. He further noted companies are experiencing attacks, despite having full-time security staff.
IT personnel may not be financially feasible for small-business owners, due to limited resources. The Hiscox study revealed that for organizations with 250 employees or fewer, around 10 percent of their operating budgets go toward cybersecurity, well below the 12.2 percent large companies devote to defenses, like up-to-date payment processing software.
Cyberattacks are a clear and present danger for businesses, particularly those that accept a variety of payment denominations. The experienced engineers at 911 Software have the point of sales systems that are optimized for privacy, without compromising convenience.