SmallBusinessReports.org SmallBusinessReports.org
Small Business Reports business journal
SPECIAL REPORT OCTOBER 2018
Cost of a Customer Data
Security Breach
COST: $148.00 per stolen record on average
A
stark warning to merchants about their payment card processing:
IBM / Harris (2018) found that 75 percent of consumers in the U.S.
say that they will not do business with companies that they do not trust
to protect their data.
Security must be the
foundation of payment processing. Merchants
need to be sure that their payment processor is keeping up with new financial tech for
electronic payments security and is committed to keeping the merchant’s
business and customers safe from very real threats of payment card fraud
and identity theft. One problem is that many resellers cannot keep up with new financial tech which exposes merchants to customer data breaches. Many merchants are with a reseller and are not even aware of it. Most banks are resellers. Some resellers falsely claim to be direct payment processors when in fact they are resellers.
Question:
Small to medium-sized businesses are hit
with nearly 4,000 cyberattacks per day, and that number is expected to
grow. Almost half are likely to fall victim to a cyberattack. Despite common misconceptions, small businesses are prime targets for hackers because of their size. Thieves aren’t concerned about how big a business is; as long as there is financial gain to be had from stealing, any company is fair game.
"Over the next five years, smaller payment processors
and resellers may not have the resources and technology needed to keep up with
continuous upgrades in security required to protect merchants' customer
payment data from fraudulent hacker breaches.
In 2016 alone, over 14 million American small
businesses were breached by cybercriminals. And with over 30 million American
small businesses that means 46% of all small businesses will likely become a
cyberattack victim.
When cybercriminals strike, it’s often large enterprises that make front
page headlines. But don’t be fooled — the small coffee shop down the
street and the local grocer are even more likely to be targets for
malicious hackers.
Point of sale terminals, where sensitive Payment Card Industry Data Security Standard (PCI DSS) data is securely processed and transmitted, are consistently targeted in hacking campaigns. With the average cost of a data breach having risen this year, from $141 to $148 per lost or stolen record, having defenses in place to protect customer payment card data continues to be crucial for small merchants. Cyberattacks can be financially devastating;
60% of small businesses suffering a breach are likely to go out of business
within six months. From a loss of customers to a damaged credit reputation
through defaulted loans, small businesses and their creditors have a lot to
lose, and one in three business owners have no safeguards in place to combat a
cyberbreach. The absence of a dedicated IT or security professional
leaves small businesses vulnerable to otherwise preventable attacks, like
phishing schemes and fraudulent activity. One IT employee simply isn’t
equipped to handle the day-to-day technology responsibilities while running
surveillance initiatives to keep the bad actors at bay, and small businesses
are taking a huge risk relying on their employees to not fall victim to
lurking hackers. In addition to a lack of resources, internal
disagreements about the severity of cyberattacks complicate the cybersecurity
dilemma. Thirty-five percent of employees and 51% of leaders are convinced
their business is not a target for cybercriminals, which could explain why
small businesses don’t prioritize security education and best practices. Small businesses processes billions in
credit card transactions annually, and these everyday interactions are a
magnet for cyber criminals. They know that many do not have the necessary
levels of preparedness to defend against an attack. And as businesses respond
to increasing demand for more customer-facing technology, they are increasing
their risk points and need to protect themselves accordingly. Small business owners should conduct a comprehensive
overview of their payment system, break down where card data is at risk, how
cybercriminals can steal customer payment data, and implement ways to protect
data.
Small merchants need to better protect their customers' payment card data |