You’ve been running a successful business for a while now, and you know that risk is unavoidable. Taking risks and figuring out how to minimize the impact is the sweet spot of decision-making. Optimizing risk mitigation gives your company the freedom it needs to experiment with new strategies, deliver new services and products, and increase overall agility.
Of course, some risks are unavoidable in business, but one place you definitely don’t want to take any risks is with your data. That’s because data is no longer a concern just for computer geeks. These days, your data is one of your biggest assets, which is why experts refer to it as “the new oil.”
Today, let’s talk about the risks and costs of losing your data, versus the cost of protecting your network and securing your data with network security services.
But First, Why Should a Small Business Owner Care About Data?
Not only does data give you financial insight that helps you keep your business running smoothly on a day-to-day basis and eases your tax filing, payroll, and sales processes, good data also increases the odds that your company will have loyal customers and achievable deadlines.
In the event of ransomware, a natural disaster, or a data leak due to an unintentional employee error, your organization’s data loss will have a financial impact that could endanger your company’s stability. You will personally have to deal with non-compliance fines, legal fees, and the cost of business interruptions.
But is your data really at risk? Why would cybercriminals want to go after a small or midsized business anyway?
You’d be surprised.
The Big Picture: What Are the Risks of Inadequate Network Security?
According to the Cybersecurity Readiness Institute, SMBs are far more vulnerable to cyber attackers than large enterprises because they don’t have resources for the same cyber defense methods as the big companies do. In fact, the Cyber Readiness Institute determined that a whopping 58% of cyberattack victims are small businesses.
But what are the costs?
· Cyberattacks cost the average small business approximately $80,000 in 2017. (Better Business Bureau)
· 34% of small businesses that reported being the target of a cyberattack ended up losing money. (Better Business Bureau)
· The cost of cybercrime is expected to cost global business over $8 trillion from 2017 to 2022. (Juniper Research)
So, we’ve determined that your small business may be a larger target for cybercriminals, and at this point, you already know that a lapse in cybersecurity can be costly. If federal investigators find that the lapse in cybersecurity was due to inadequate network security on your end, the resulting costs are likely to be even higher.
Plus, depending on your IT policies and software choices, it’s also highly likely that your organization will be infected. A recent report from Datto, “Ransomware and Office 365 for Business: What You Need to Know,” states that 29% of IT professionals report clients who have encountered ransomware for Office 365 – and the risks aren’t limited to business management software. Your company’s BYOD policy puts you at risk too.
· An average of 24,000 malicious mobile apps were blocked each day in 2017. (Symantec)
· A single variant of a malicious app was downloaded more than 100,000 times from the Google Play store in 2018. (Cyberscoop)
· Malware can be delivered via phishing emails, ads on websites (malvertising), links and downloads online, infected apps, USB drives, free software bundles, scareware (pop-ups that scare you into clicking), and many other avenues.
Considering how many cyberthreats are out there, if you haven’t been infected with malware yet, your odds are shrinking. Remember, you have to protect your data 100% of the time to avoid a damaging financial impact, whereas criminals only have to succeed at breaking into your systems once.
Sounds like network security is important… but are the costs worth it?
What Are the Costs of Network Security?
Luckily, it’s easy to find a good network security system that’s affordable and simple to manage. To give you the national averages (we only know the costs in our areas), we turned to the software comparison experts at Capterra to get a breakdown of typical network security costs. Here’s a summary of their findings:
· The average cost of the first year of basic network security for a small business with 5 users is around $1,400.
If you have a dedicated IT team that has extra time on their hands, you could get network security software for as little as $0.00 (yup, free), or if you want the highest-tech, fully predictive solutions on the market, you could pay as much as $24,000. Since these numbers have such a large range, we suggest you call around for some quotes that apply to your specific needs in your area.
· “Per license” costs run $1,000 - $6,000 per year.
Licensed network security software usually refers to automated software that can perform a wide range of duties. Some licensed software may do simple spam blocking, other options may do in-depth network monitoring. Since the software abilities are highly variable, the costs are highly variable too. Again, we recommend calling around to get some quotes, so you can get specific numbers for your specific needs.
· “Per user” costs average $37 per month.
The “users” for this software either refer to the number of professionals you’ll need to monitor your network, or the number of employees (end users) your company has. Of course, you’ll want to clarify which one you’re being charged for, since the costs will vary considerably based on who is considered a “user.”
· Per endpoint / device costs average $2.25 per month.
Endpoints and devices include all your laptops, mobile phones, servers, desktops, IoT devices, etc., so although this cost seems low, it can add up very quickly. In addition, per endpoint / device coverage takes a lot of management from you because each time you add a device to your company, you’ll need to add it to your billing plan. That can get tricky if an employee decides to attach their FitBit to your network or brings in an internet-connected microwave to work. (You’d be surprised how often that happens!)
· Tiered packages average $500 per month.
These flexible solutions are the winning choice for most SMBs because they offer “all in” coverage that provides a range of network security solutions in a convenient, easy-to-manage package. Your tier would be specifically geared to meet your needs, providing “just right” coverage that’s not too little and not too much. Since each network services provider offers different included services, you should call around for quotes on this one too.
Capterra’s main finding was exactly what we, as IT professionals, already know. It’s less expensive for your business to use automated systems and services — such as VPNs, password managers, and email security solutions with a tape or disk backup — but those DIY systems introduce more risk for your company because your employees and your lone IT person has to carefully manage and monitor your systems 24/7. The less expensive solutions also won’t be cutting edge, which matters because cybercriminals are constantly evolving their methods to inflict more damage and extract more data.
As you’d expect, hiring an outsourced IT department to monitor and manage your patching, updates, licenses, mobile devices, and email and web security around the clock will cost more than the “do it yourself” method. However, using an outsourced IT company is likely to result in less risk for your company – and, as we determined, if your luck runs out, the consequences can be very, very costly.
But, honestly, the choice of whether to choose a true network security solution or to rely on a more casual security method is really up to you. Only you can determine what level of risk you’re willing to assume at your company.
Ready to get a no-pressure quote on how much it would cost your business to strengthen your network security? Want to know where your network is vulnerable, so you know what you need to focus on? Contact the experts at Bit by Bit to start the process and learn more.