Get All Access for $5/mo

What Happens When Your Small Business Is Hacked Here are the most feared repercussions of a data breach and how startups can prepare for the inevitable.

By Chris Schueler Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.


News headlines continue to call our attention to the latest cyber attacks -- something that provides IT and security professionals with the daunting task of remaining steadfast on the unpredictable security battlefield. In fact, 53 percent of IT professionals felt more pressure to secure their organization last year, compared to 2015, according to the 2017 Security Pressures Report from Trustwave. However, contrary to what you would expect, the pressures are not just coming from the C-suite.

Instead, security pros are feeling pressure from an unexpected source: themselves. Security is quickly becoming more personal, meaning everyone is finally taking ownership for their own cybersecurity successes and failures rather than expecting someone else to take the responsibility.

And while the headlines seem to focus on large name brands, according to studies, 71 percent of cyber attacks occur at businesses with fewer than 100 employees, showing small businesses are just as much at risk, and the pressure spans IT teams far and wide.

So, what repercussions do IT professionals fear the most and what can small businesses and startups do to prepare for a data breach when it happens to them? Here are the top four repercussions and preventative measures uncovered by the 2017 Security Pressures Report from Trustwave.

1. Irreconcilable reputation damage

A data breach isn't just a small glitch -- it is a damaging mistake that a company oftentimes is unable to shake off. The inevitable PR nightmare following a data breach causes reputation damage that may be irreconcilable. This is particularly important for small businesses, because many do not see themselves as targets and they often believe a simple step such as the activation of two-factor authentication is good enough. But, the consequences of a breach in a small business can far outweigh the effects of a breach at a large corporation, as there's often not a strong enough reputation built up to fall back on.

Side effects can include other organizations' unwillingness to partner with a company that has faced a data breach, but the losses oftentimes go beyond sales, as businesses are often forced to spend hefty funds on improving security measures.

2. Permanent financial damages

Financial damages to a company came in as the second most feared repercussion following a breach. According to the Ponemon Institute, the average price for small businesses to clean up after their businesses have been hacked stands at $690,000, and for middle market companies it's more than $1 million.

This cost escalates when organizations hire external IT professionals to help mitigate a security breach -- something that would have been much more cost effective prior to a breach -- but once the damage is done, it's the best option.

3. Ousting of the "responsible" parties

Along with the profit loss and reputation damage comes the inevitable firing of a high profile executive who at one point oversaw a web site, or internal computer system that was compromised.

4. Deadly consequences following a breach

Going out of business -- it is an extreme fallout, but one which has happened multiple times to breached organizations. It can seem like an ordinary day for a small retailer, and then the simple click of an email link threatens the entire business. In fact, the U.S. National Cyber Security Alliance found that 60 percent of small companies are unable to sustain their businesses over six months after a cyber attack.

While this eye-opening consequence can be shocking, business owners must know that if they are not implementing the proper measures for data protection, this risk will quickly turn into reality.

Today's cyber environment proves that nobody is safe from the threat of cyber crime -- not large corporations, small businesses, startups, government agencies or even presidential candidates.

So how can SMB's and startups prepare for the inevitable breach?

First and foremost, every business should have strong defenses and an incident response plan in place and practice it.

Organizations have long taken a defensive approach when it comes to security, but considering the adversaries and repercussions that remain multiple steps ahead, it may be time to consider looking for an offensive strategy. Similar to a fire drill, being ready to respond is crucial and is a step that will help decrease pressures across an organization.

An equally important step is to find a partner to help diffuse the pressure. Many vendors have already picked up on the fact that one of the best ways to prepare for the inevitable is to look to outside professionals to supplement internal security teams. The market for outside security professionals is expected to reach $47.75 billion by 2022, freeing up in-house security professionals to perform their actual job duties, but not absolving them from being an active participant in cybersecurity efforts.

Security pressures become problematic and destructive when they get the best of you. By establishing internal and external allies and remaining on the offensive, IT professionals fear of these repercussions will drastically subside.

Chris Schueler

SVP of Managed Security Services at Trustwave

Chris Schueler is senior vice president of managed security services at Trustwave, where he is responsible for managed security services, the global network of Trustwave Advanced Security Operations Centers and Trustwave SpiderLabs Incident Response.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick


How to Close the Trust Gap Between You and Your Team — 5 Strategies for Leaders

Trust is tanking in your workplace. Here's how to fix it and become the boss your team needs to succeed.


6 Cost-Effective Ways to Acquire Brand Ambassadors

Boost your brand's visibility and credibility with budget-friendly strategies for acquiring brand ambassadors.

Health & Wellness

Get a Year of Unlimited Yoga Class Downloads for Only $23 Through June 17

Regular exercise has been proven to increase energy and focus, both of which are valuable to entrepreneurs and well-known benefits of yoga.

Growing a Business

He Immigrated to the U.S. and Got a Job at McDonald's — Then His Aversion to Being 'Too Comfortable' Led to a Fast-Growing Company That's Hard to Miss

Voyo Popovic launched his moving and storage company in 2018 — and he's been innovating in the industry ever since.

Side Hustle

'The Work Just Fills My Soul': She Turned Her Creative Side Hustle Into a 6-Figure 'Dream' Business

Kayla Valerio, owner of vivid hair salon Haus of Color, transformed her passion into a lucrative venture.

Business Culture

Why Remote Work Policies Are Good For the Environment

Remote work policies are crucial for ESG guidelines. Embracing remote work can positively impact your business and employees.