Hackers are recognised as one of the most damaging threats to digital businesses. Anyone that collects and stores “sensitive” data is a target.
Except it’s not the hacker that put you out of business. The more likely scenario is that data privacy introduced by the EU will force small-to-medium sized businesses to close their doors.
That might sound like a pretty unrealistic statement, but when you look at the statistics, it becomes clearer where SMEs are falling foul. To cut a long story short, 38% of businesses fail after a security breach because they can’t retain customers.
What puts data-breached companies out of business is loss of revenue because of damage to the business’s reputation. One survey reveals that 25% of people won’t return to a company that has been breached by threat actors.
But why is that?
The Foney GDPR Trap
In 2018, the European Union introduced new legislation known as the General Data Protection Regulation (GDPR) was initially created to protect data privacy.
that is meant to protect businesses from selling the sensitive data of their customers. Yet most people are still getting spam marketing business services or products from businesses that shouldn’t have access to their email addresses.
The finger is pointed at threat actors stealing the data and then selling it to other businesses for marketing purposes. So if you’re still receiving spam emails, the chances are that a company you are with has suffered a data breach.
However, if that is the case, you should have been informed about it. That’s what businesses are obligated to do under the rules of GDPR. So if you haven’t been notified of a data breach with a company that has your email address, it can’t be because hackers stole it.
So are businesses still selling your sensitive data? If so, then GDPR doesn’t work.
What GDPR does is collect money from companies that report a data breach to the Information Commissioners Office. To date, the ICO has scooped a whopping $1.25 billion into government coffers in the three years that fines have been handed out.
But it’s not the penalties that hurt companies. A GDPR fine only amounts to 2% of a company’s annual turnover. Most companies could manage that financial hand slap.
Which begs the question, why do 60% of businesses fail after suffering a data breach?
The answer can only be because they lose customers after reporting a data breach to stakeholders. Without customers, a business cannot survive.
Protect Your Customers
So rather than protecting the general public, money data protection laws are starving consumers of an opportunity to buy products and services they can trust from independent local businesses.
When trustworthy businesses close, consumers have to turn to brands that sit under the hood of 10 global corporations. And many of these companies use substances or ethics most people want to avoid.
To protect your business from regulators you need to protect yourself from hackers. Subsequently, you are protecting your customers – not from having sensitive data stolen that amounts to nothing anyway (I.e an email address), but by providing a trusted service they won’t find from brands owned by corporations.
The best way to avoid suffering a data breach is to be aware of the tools and techniques threat actors use to compromise a business. The best way to protect your customers is to provide your staff with cybersecurity awareness training.