Ask Jack: What Is The Real Risk For Small- And Medium-Sized Businesses After A Cyber Attack?

By Jack McCalmon, The McCalmon Group, Inc.

I own a small retail business. I know I am a target…who isn't? But what is the real risk if I am hacked?


The real risk is closure of your business.

According to the National Cyber Security Alliance, as reported by Inc., 60 percent of small- and medium-sized business close within six months after a data breach.

Not only is the damage greater to small businesses, according to Forbes, small businesses are three-times more likely to be targeted for an attack. Businesses with fewer than 100 employees receive 350 percent more social engineering attempts than larger businesses.

One reason small- and medium-sized businesses close after an attack is that they are less prepared for a breach than larger enterprises and take fewer prevention steps.

Why a small business would have to close varies, but primarily the reason involves not having the financial and cybersecurity resources to weather the fallout from an attack - from litigation to loss of business reputation.

The final takeaway is never consider yourself too small for a cyberattack. Continually focus on prevention, but be prepared if a breach occurs.

Talk with your agent or broker about blunting the financial harm with insurance and step up your prevention and post-breach strategies, including training your employees; increasing your cybersecurity defenses; and developing a post-breach strategy, including developing a relationships that can quickly assist and counsel your organization in case of a breach.


Finally, your opinion is important to us. Please complete the opinion survey:


Ask Jack: Home Office Data Security First Steps

Jack McCalmon offers some data security steps for home offices.? Read More

Ask Jack: Should We Allow Employees To Play Games On Their Laptops?

An employer wants to keep employees happy. One idea is to allow employees to game during work breaks. Jack examines the cyber risks. Read More

Ask Jack: If There Is No Evidence Of Data Being Stolen, Can I Still Be Held Responsible?

Jack McCalmon talks about the importance of not just post-breach exposures, but pre-breach exposures as well. Read More