In an increasingly digitized world, data breaches have become a growing concern for small businesses. A recent survey conducted by Shred-it revealed that nearly 8 in 10 small business leaders express anxiety about the safety of their company’s sensitive data and information. This apprehension is not unfounded, as data breaches remain a pressing issue, with the number of incidents continuing to surge in line with the all-time high set in 2021, according to the Identity Theft Resource Center’s report.
Consumer sentiments also reflect the stark realities of cybercrime. An astonishing 81% of consumers disclosed that they would cease engaging with a brand online following a data breach, as highlighted in a Ping Identity consumer report. The repercussions of data breaches are substantial, and the financial impact is at an all-time high, with an average cost of over $4.4 million worldwide, surpassing $5.1 million in Canada, and climbing to over $9.4 million in the United States. For small businesses, these costs can be crippling, potentially leading to regulatory actions and fines, legal fees, and the loss of valuable customers.
The prevalence of data breaches in small businesses is alarmingly high, with 1 in 4 of the small business leaders surveyed by Shred-it reporting that they have experienced a data breach. Shockingly, 50% of them attributed these breaches to employee errors. Consumers, too, are not immune, with 45% having experienced at least one data breach. These incidents have created a growing concern among small business leaders, as well as individuals, with 3 in 4 small business leaders and 94% of consumers expressing apprehension about future data breaches.
To prevent future breaches, over 90% of small business leaders believe that data and information protection, along with compliance training, is essential for security. However, only 15% require their employees to complete such training, raising concerns about potential vulnerabilities.
Cory White, EVP, and chief commercial officer at Stericycle, emphasized the importance of data protection, particularly in the current economic climate. He pointed out that small business leaders acknowledge the critical role of information and data security in building and retaining strong customer relationships. Still, many risk losing customers and revenue if sensitive data protection is compromised. Addressing data protection is a pivotal part of strategic decision-making for business leaders.
With concerns about future data breaches looming, 73% of small business leaders and 94% of consumers are apprehensive. The situation is even more acute among Canadian small business leaders, where 81% express concern. However, despite these concerns, only 60% claim to be proactive when it comes to data and information protection, and merely 22% consider themselves “extremely proactive,” potentially leaving many small businesses vulnerable to future issues.
A significant fear among business leaders is that their employees may not know how to respond in the event of a breach, with 71% expressing this concern. Surprisingly, only 15% of small business leaders mandate training for their employees, and those who do, do not provide it regularly. Additionally, 63% of small business leaders admit to lacking a reliable source for maintaining relevant policies and training.
The concern about regulatory complications is another pressing issue, with 76% of small business leaders worrying that regulations will become more intricate and burdensome in the future. This apprehension is even more pronounced among Canadian small business leaders, with 87% expressing these concerns.
As small business leaders grapple with the idea of changing procedures to meet existing regulations, 47% currently do not have third-party partners for managing sensitive digital data and information. Nevertheless, more than 90% of those who have such partnerships find them to be immensely valuable.
Michael Borromeo, VP of data protection at Stericycle, underscores the need for small business leaders to take proactive steps to safeguard their businesses. He recommends allocating a budget for data protection and offering regular employee training to understand the evolving data protection regulatory landscape. Trusted third-party partners can provide valuable guidance in this regard, offering a lifeline to protect businesses from significant revenue losses.
The hidden costs of data breaches are a grave concern for small businesses. It is imperative for small business leaders to recognize the importance of data protection, invest in employee training, and consider the guidance of third-party partners to navigate the complex data protection landscape. By doing so, they can protect their businesses from financial devastation and maintain the trust of their customers in an era where data security is paramount.