Severe Data Breaches Could Cost US Small Businesses $555 Billion

hayley-stansfield.jpg  Content Marketing & PR Manager, Blueclaw Media Ltd.

  WWS contributor


Small businesses in the US could lose 7.27% of their value - an average of $46,019 - in the event of a severe data breach, new research shows.

According to the research, published in a data breach report by cloud solutions company iomart, there were 30.2 million SMEs in the US in 2019, accounting for 99.9% of all businesses and amounting to a collective potential loss of $555,909,520,000 due to data breaches. 

The new research analyzes the financial impact of typical, severe and catastrophic data breaches to reveal what each could cost top companies and social media platforms.

Large-scale breaches are growing in intensity and frequency during 2020, with the number of compromised records rising by 273% in the first quarter, compared to the same time last year. These included 1,196 individual data leaks - almost 40% of which happened in the US.

If all SMEs were impacted by a data breach rather than 40%, the potential loss rises to a staggering $1.389 trillion, based on the average company value and number of small-medium enterprises in the US.

The typical data loss for a large company is between 10 and 99 million records per incident, resulting in an average company value drop of 7.27%. This equates to an average potential loss of $32 billion for top Nasdaq 100 companies and $8.8 billion for FTSE 100 businesses.

This loss of value could prove catastrophic for small businesses, with the average SME being worth $633,000 in the US. With 99.9% of all US businesses being small to medium enterprises, these potential losses could substantially damage the wider business economy. 


Hardest hit sectors


The amount lost per breach is determined by the time it takes to identify and contain a data breach, with leading tech companies facing potential losses of $174.4 million per day as a result of taking a total 236 days to fully recover from a breach.

The IT sector was the hardest hit in Q1 2020 with the number of breaches more than doubling compared to the same period in 2019, while the manufacturing and healthcare sectors were the next most impacted.

With healthcare and social assistance organizations making up 45.2% of SME employment share and manufacturing accounting for 44.4% in 2019, it’s vital that small businesses invest in data security to prevent a substantial loss of finances, reputation and workforce.

Bill Strain, Product Development Director of iomart comments on the findings:

“These figures are a stark warning about the importance of investing in data protection. Many smaller businesses wouldn’t survive the operational impact of a successful cyber-attack, let alone the financial one of a punishing fine on top.”


Defense against such an attack

iomart also offers some top tips on how businesses can create an effective defense against such an attack:

  • Keep IT systems and software up-to-date
  • Store sensitive data separately 
  • Control users’ access and privileges
  • Secure the email gateway 
  • Do regular off-site backups of your data
  • Provide regular security training for all staff

“Looking at your potential risk and knowing where your data is, controlling who has access to it, and making sure it’s secure should be an absolute priority,” adds Bill.

“It’s still the case that most cyber-attacks start by exploiting our human vulnerability. By training staff to spot suspicious emails or links you can lock the front door and then use technological solutions to ensure the hackers can’t get in around the back,” he concludes.

Hayley Stansfield is Content Marketing & PR Manager at Blueclaw, an award winning data-led, digital performance marketing agency, specializing in SEO, PPC, CRO and Content Marketing. Based in Leads, UK. Connect with Blueclaw on Twitter @blueclaw.


Photo credit: iStock.