No, we're not talking about big-retailer data breaches or jewelry heists. We're talking about the data breaches and thefts that happen specifically to small businesses. Let this sink in for just a second:
- The average cost of a small business data breach is $20,752, according to a report from the National Small Business Association [PDF].
- The average cost of a theft or burglary claim is $8,000, according to Insurance Journal.
So a data breach is two and a half times costlier than a break-in if you're a small-business owner. But which of these events are you more prepared for?
Chances are it's the burglary. At the very least, you probably lock your shop or office doors at night. You may even have a security system in place. When it comes to securing sensitive data? The numbers are telling.
Small-Business Owners and Data Security: A Complicated Affair
Most small businesses realize that the time for taking cyber security lightly has passed, and as we reported before, many cite cyber risk as one of their top 10 concerns. That makes sense – data breaches regularly make headlines these days, and the aftermath is well documented and expensive. More on that in "Target's Cyber Liability Insurance Covered 36% of Its Data Breach Costs. How Much Does Yours Cover?"
But that doesn't change the fact that…
- 59 percent of small-business owners don't have a contingency plan for responding to and reporting data breaches, according to a 2012 Symantec security survey.
- More than 97 percent of small businesses don't have Cyber Liability Insurance, according to Advisen.
So why the disconnect? Why are small-business owners reportedly aware of their cyber risks but slow to do much about them? We have a few ideas.
Data: Out of Sight, Out of Mind
It's easy to have theft on the mind every day – you can see your physical storefront, merchandise, laptops, computers, and tablets. You know how much you paid for these items and roughly how much they'd cost to replace or repair.
But data breaches are a different story. You can't see data being transferred back and forth from your computer. You probably don't leisurely browse through your digital records for fun. Moreover, you may not have paid for every bit of data you've acquired over the years, so you may not think of it as inherently valuable. These truths may keep data security from being a top-of-mind concern.
That's the tricky thing about data: its value only becomes readily apparent once it's been lost or stolen. Each stolen record may come with a price tag of about $154, according to the Ponemon Institute's 2015 Cost of Data Breach Study. In short, cyber security is something that business owners can't afford to ignore.
Get Educated on Cyber Security
You don't have to start from scratch. Ask an agent about Cyber Liability Insurance, and check out the following articles for tips on boosting your data security:
- How to Boost Your Business's Cyber Security When You're Not Big Enough for a Board.
- 23% of Small Business Employees Still Make This Critical Mistake.
- The Small Business Guide to Cyber Liability Insurance.
- 5 Things You Do Every Day that Put Sensitive Data at Risk.
Lastly, remember that data breaches aren't always the result of hackers kicking down your cyber door. Sometimes, they can happen the old-fashioned way: through credit card fraud via card readers. That's why financial institutions are phasing out magnetic stripe credit and debit cards and replacing them with EMV (or chip) cards by October 1, 2015. Card-present fraud was a big enough concern that regulatory bodies decided to switch to a more secure type of card.
You can check out our chip card infographic to learn more about what that means for small businesses that use credit card readers. Essentially, you have to switch to an EMV card reader or else you take on the liability for card-present fraud. Learn more about it in our post "The Small Business Guide to the EMV / Chip Card Liability Shift."