State of Website Security and Threat Report Takeaways

You’ve set up your website, you’ve brushed up your digital strategy, and you’re finally ready to shift your focus to other priorities—but did you remember to lock up? If you’re like many small-to-medium-sized businesses (SMB) website security decision-makers, you may think your business is too small for hackers to take notice of, or that a breach won’t happen to you. But you can’t just call up cybercriminals and ask them not to hack your site or force an outage, or even hope to slip under their radar because you are not a multi-billion dollar business. So how are SMBs faring if most are overconfident and not equipped to combat cyber attacks? We recently conducted a global survey of 1,100 SMBs to better understand the role websites play in each business, the degree of risk these sites represent, and how prepared SMBs are to secure them. Let’s take a look at what the data says about the impact of website breaches.

Disclaimer: this is not for the faint of heart!

Half of SMBs Have Experienced a Website Breach

There’s no sugar-coating it. 50% of SMBs experienced a website breach, and 20% of our sample experienced a data breach just in the past 12 months. And these are only the ones who know they were breached! The actual numbers are likely significantly higher. If you’re in FinServ, things look even more dire, with 52% of SMBs with reported breaches in the past year. Worse yet, in China, 66% of SMBs say that their website was breached in the past year. I think we can all agree that website breaches are far too common.

The Impact of Website Breaches Is Severe

Websites today are the face of the business to most customers and increasingly drive a significant portion of revenue. 54% of SMBs say there would be a serious impact on their business if their website went down, and 72% say they collect or store sensitive data through their website. Not long ago, a breach that compromises personal information like credit card information and social security numbers would have made headlines. Now, it’s so common we don’t always hear about it happening. The impact of these breaches, regardless of whether they constitute a top news story, is severe. 28% of those who have been breached said the consequences were severe or very severe. The top three impacts were website outages or downtime, loss of time/employee productivity, and loss of customer confidence/reputation. And as most business owners know, any of these impacts can lead to lost opportunities for more sales.

#1 Impact: Website Outages or Downtime

Your website is often your business’ first impression, how you connect with your customers, and how you make sales or provide information and services - 24/7/365, even when you’re asleep. But your online business is entirely unavailable during a website outage. Customers land on dead pages or are even redirected to malicious content. If your website is down, your online business comes to a screeching halt. Leads stop coming in, there are no transactions, and ads are wasted. In the era of COVID, when the means of doing business hinges on a seamless online experience–outages aren’t an option. Of SMB websites that were breached, 60% of attacks resulted in site outages.

#2 Impact: Loss of Time/Employee Productivity

A breach is felt deeply within an organization. The business disruption that follows a breach is damaging even after disaster recovery and business continuity efforts. When business leaders and employees are sorting through issues such as customer complaints or legal inquiries, scrambling for makeshift solutions, and sorting through the aftermath of an attack, productivity goes down the drain, and day-to-day business operations suffer. Of SMB websites that were breached, more than a third of website breaches incurred time and employee productivity losses.

#3 Impact: Loss of Customer Confidence/Reputation

The long-term effect of your business’ damaged reputation may be a much harder pill to swallow than short-term losses. If your organization is seen as vulnerable as the result of your customers’ information being compromised or simply because your website cannot be accessed, customers and potential customers may take their business elsewhere. And they are likely to never come back. Business owners are all too familiar with fierce competition and are wise to raise this point to their organization’s website security decision-makers. Of SMB websites that were breached, 39% of attacks resulted in customer confidence/reputation loss.

There’s No Margin for Error

When it comes to website security, SMBs are vulnerable. There’s a high cost to believing that a breach won’t happen to you. Consequences can be devastating, and the impacts range from short-term losses to permanent damage. There’s also a clear advantage held by organizations that have invested in a holistic, end-to-end approach in a single solution. In an age where there is no margin for error in gaining and keeping your customers’ trust, it’s time to invest in solutions and partnerships that will grow and evolve as threats and attack vectors evolve.

Download the full State of Website Security and Threat Report to learn more about the constant attacks that SMBs face and the website security solutions to deal with them.