The Year of the SMB Breach

Posted by Sid Khaitan on Sep 30, 2016 6:10:01 AM
Find me on:


2 years ago, security professional and evangelist David Holmes dubbed 2014 as the “The Year of the Mega-Breach”, and reasonably so, as multiple headlines featured news of massive data breaches at Home Depot, J.P. Morgan Chase, and eBay. However, the following year had a roster of mega-breaches that made the previous year’s incidents pale in comparison, causing the term to quickly become obsolete. After a holistic review of the data breaches that have occurred throughout the current year, the Rippleshot Team has decided to resurrect the concept- with a little twist. Follow along as we discuss why 2016 is “The Year Of The SMB Breach”, how data breaches can be catastrophic to small to mid-size businesses (SMBs), and what implications SMB breaches have for the overall cybersecurity industry.

Hidden In The Shadows

When reflecting upon the breaches of this year, it is crucial to consider the ones that did not always make the headlines, or were wrapped up in the shadows. Although the media has focused its unrelenting attention on Target, Wendy’s, Home Depot, Michael’s, Oracle, and most recently- Yahoo, the overwhelming majority of breaches occur at the nation’s wealth of small to mid-size businesses (SMBs). As we have covered before, many of these breaches go undetected for months because there are simply not enough resources to investigate the thousands of smaller breaches. Even VISA’s response guide states that it looks for a data breach incident to be reported by at least 4 financial institutions with 999 affected accounts before they will confirm that a breach has taken place.

Small Biz Under Attack

The danger to small to mid-size businesses is quite prevalent, because in many aspects, small businesses have a lot more to lose when they are breached. Although these are not apples-to-apples comparisons, it is interesting to see how data breach costs vary between large businesses and SMBs. A newly published research report from Kapersky Lab summarizes the results of a global study in partnership with B2B International, where over 4,000 business representatives from 25 countries were asked about their IT security budgets, the complexity of their infrastructure, attitudes towards threats and solutions, and the real cost of data breaches and security incidents inflicted upon businesses.

The average cost of recovery from a single security incident is estimated to be $86,500 for SMBs, and $861,000 for enterprises. When asked to categorize their recovery costs, SMBs reported the following expenses as a typical loss:


From this breakdown, it is important to note that the largest expenses include additional internal staff wages, lost business, employing external professionals, and improving software/ infrastructure.

However, these charges only represent the average across a wide spectrum of attack vectors, and some attack types cost businesses a lot more. “Zero” day vulnerabilities, or holes in software that are unknown to the business, can end up costing SMBs up to $149,000 ($2M for enterprises). Targeted attacks, on the other hand, are estimated to have a financial impact of $143,000 and $1.7M, respectively.

Speed Equals Savings

A recurring theme in cybersecurity is that speed equals savings, as swift action and rapid detection can mitigate not only data losses, but also financial costs. When breaches are discovered instantly, they are estimated to cost $28,000, with the number rising to $105,000 (almost 4x higher) if the breach goes undetected for over a week.

The graph below describes how costs rise over an abbreviated timeline:



Even a difference of a few hours can result in 3x the savings (from $27,542 to $61,952)!

Why This Matters

Considering that 49% of U.S. businesses assume that their IT security will be compromised sooner or later, and 77% of U.S. businesses have experienced between 1 and 5 separate data security incidents within the last year, the cost implications become staggering, especially to small businesses. If that itself is not enough reason to worry, 1 in 10 U.S. businesses said that it can take up to a year for them to discover a breach.

Before rushing to beef up your cybersecurity budget, consider a statement by Vladimir Zapolyansky, the Head of SMB Marketing for Kapersky Lab- “[Reaction time post-breach] is something that cannot be remedied via budget increases. It requires talent, intelligence, and an agile attitude towards protecting one’s business”. Increasing reaction times requires a strong mix of infrastructure and detection technologies, something that many businesses have yet to consider. Although the upfront costs of cybersecurity infrastructure are not necessarily economical, they are certainly justifiable, as the costs of a breach greatly outweigh the initial investment in security.

The threat of data breaches to small businesses is quite real for SMBs, because unlike large enterprises, small businesses will not always survive a cyber attack, as statistics show that nearly 60% of small businesses will close up shop within six months after a cyberattack.

The good news is, there is a silver lining. More companies are increasing their vigilance surrounding cybersecurity, with 81% planning to increase their annual IT security budget by an average of 22% in 2016 alone.



Rippleshot prides itself on Sonar’s “whales and minnows” approach - meaning we’ll catch the huge Fortune 500 compromise just as quickly as we’ll spot an incident at your local dry cleaner down the street. We’ll get you through the weeds faster, so you can spend your time doing what matters most, taking care of your customers.

Schedule a demo to learn more about the award-winning technology here:

New Call-to-action


Topics: Compromises, Industry News, Data Breach Statistics, Cybersecurity