60% of small companies go bankrupt within six months of a cyberattack — expert tips on how to avoid it.
By 2025, financial damage from cybercrime is expected to rise to over 10 trillion USD. The threat is often underestimated by companies of all sizes. The stakes are extremely high for small and medium businesses (SMBs). Eighty-three percent of small businesses do not have additional funds set aside in case of such an event. Thus, 60% of small companies go bankrupt within six months after a cyberattack.
Mindset is key
According to research, most SMBs are unprepared for cyberattacks, and decision-makers are to blame for it. For instance, 66% of leaders have a strong belief that their business will not face a cyberattack. Paradoxically, at least 67% SMBs reported a cyberattack in 2019. In addition, a common mindset includes thinking that a company “is too small, too new, or too unappealing to be targeted.” In reality, absolutely every kind of business can be a target of a cyberattack.
Carlos Salas, engineering manager at NordLayer, Nord Security’s product for business network protection, says, “A mindset like ‘hackers only target big companies, so we’re safe being an SMB’ is problematic. Yet many decision-makers have this mindset. We need to understand that attackers can come in any shape, size, or form — from curious high schoolers trying to get recognition from their hacking forums to state-backed hacking squads. No target is too small.”
A cyberattack checklist for businesses
Salas explains, “As always, preventive measures are the easiest (and cheapest) way to avoid data leaks, ransomware, and scams. If an attack has already happened, the best thing to do is contact the countries’ respective authorities in charge of cybercrime and get an assessment (post-mortem analysis) by a cybersecurity expert to prevent further damage.”
Additionally, Salas shares the following tips for businesses to minimize damage from a cyberattack:
- Make sure to change all the associated passwords.
- Disconnect from the internet.
- Disable remote access.
- Run a malware test.
