The headlines are increasingly filled with data breaches at some of the largest retailers and corporations in the world. Unfortunately, as these high-profile breaches garner attention, they’ve left small business owners with the impression that hackers and cybercriminals don’t bother targeting small businesses.
How wrong they are: A survey by the Ponemon Institute found that more than half of all small business had experienced a data breach, with 53% reporting multiple breaches. However, only 33% of those businesses notified those customers affected by the breach, despite the legal requirement in 46 states to notify individuals when personal information is compromised. This could leave these small businesses on the hook for tens of thousands in fines and legal fees, in addition to the significant costs of recovering from a data breach.
The lack of awareness, the resulting lack of preparedness, and the lack of— and the resulting lack of preparedness — could end up costing your business in a major way.
One Chicago-area small business owner learned this lesson the hard way. He received an email from his credit card processor, telling him that MasterCard had identified a compromise within his electronic POS system. Following an investigation, the processor claimed the breach was the result of the lack of basic security on the merchant’s part. A year later, he was still paying off more than $22,000 in expenses his business incurred as a result of the breach.
Could a data breach happen to you? Absolutely. Small businesses experience compromises every day. Even though the volume of electronic payment data that passes through small merchants’ POS systems is relatively small, it’s low-hanging fruit to a cyber-thief who doesn’t have to work to obtain that poorly protected data.
That’s why it’s as important as ever for your business to implement strong data security solutions, and to prepare a comprehensive data breach response plan.