If you've read any of my previous articles for the Chamber blog (or seen me on Twitter, or in person at a presentation in Arlington, DC, or Hyattsville), there’s no doubt that you’ve heard me urge you to take your company's cybersecurity more seriously. But let's be honest, most of this technology stuff is hard to understand, which makes it hard for you to want to do anything about it kind of like doing your taxes. "I'm no one important. Nobody wants to hack my company," you mistakenly believe. I recently had a conversation with another Arlington business owner who said something along those lines. She then added, "So what if I get hacked?"
The most immediate thing to happen is that the business has its revenue-generating ability halted. The lifeblood of every business is the money it makes. When a business stops making money, it starts dying. According to the Ponemon Institute, the average cyberattack costs a business upwards of $690,000! Typically the victim of a cyber attack is out of commission for an average of six days. Most businesses can't afford to not make money for this long, which is why 66 percent of businesses ultimately go out of business after a cyberattack. Cybersecurity is a high-stakes game where your fist mistake can easily be your last. "So what if I get hacked" in this instance really means, "So what if I lose my business?" Are you really willing to gamble with your business?
It can be argued that the biggest loss a business faces after a cybersecurity incident isn't a drop in its profits, but a blow to its reputation. According to Inc., almost half of business that suffer a breach lose one-fifth of their customer base. And the damage doesn't stop there. Over 20 percent of breached organizations lose out on prominent future business opportunities. This stems from the fact that your customers, whether they're consumers or other businesses, don't want to do business with companies that don’t take the protection of their customers' data seriously. Your company will still be paying the price well into the future for mistakes you don't know you're making today. "So what if I get hacked" in this sense really means, "So what is my company's reputation worth to me?"
I'll level with you: a lot of this technology stuff is really confusing. The good news is that no one expects you to figure it out on your own. If you're not sure where to start, contact a professional. If you want to be taken seriously, you have to take your company's cybersecurity seriously. The bad guys have to be lucky every time, but professionals make it so you don't have to be lucky at all.