WHAT IS YOUR MOST VALUABLE ASSET?
At the recent NBDA Retailer Conference, I had an interesting conversation with one of the dealers considering new software to manage his data -- sales, customer information, inventory, business financial information, payroll information and more. I asked him some questions to better focus in on his requirements and wants for the new software.
In that conversation I asked him some of the basic questions, questions I raised in the initial articles I wrote for The Micromobility Reporter. I wasn’t surprised by his answers.
How much data do you have that needs protection? “I don’t know.”
How fast is your data growing? “Not sure.”
Will you store your data on site or in the cloud? “Which one is better?”
How often do you back up your data? “Backup?”
Where do you keep your data backups? “Where would be a good place?”
What software products do you use to run/manage your business? “Not sure.”
As we talked more about his business it became obvious that he may have understood his business, but he didn’t seem to understand his systems. My final question was “what is your most valuable asset?” He came back with a couple of responses, his inventory, the physical store, the reputation of his business. All are good responses. When I told him I thought his most valuable asset was his business data, he thought about that for a minute or so and finally agreed.
My last question was, “what are you doing to protect your data?”
While business owners typically know how to protect all the tangible assets of their business, they seldom think about the intangible, even more valuable assets, like their data. One reason is many small business owners don’t understand the value of that data. Another is they don’t understand how to protect their data. When it comes to hacking or having their data stolen or compromised most shop owners think their business is too small to be of any interest to a hacker and the ransom they could pay wouldn’t be worth the effort.
Does hacking still occur? Absolutely. A recent study done in Tennessee by the Travelers Institute, Traveler’s Insurance’s public policy arm, showed that nearly half, 46 percent, of all businesses in the state have been victims of a cyber attack to date. And those are just the ones that get reported. How many don’t get reported? Anyone’s guess.
Most of those attacks took place with large businesses as the target, right? A 2023 study conducted by Accenture found that 43 percent of all cyber attacks were aimed at small businesses. Why? Because they typically are the most vulnerable.
Traveler’s Institute president Joan Woodward said, “There are more than 33 million small businesses in the United States, with more than 61 million employees, and they are the most vulnerable to cyberattacks. Once they get into your system, they know exactly the number of ransomware dollars they should try and extract from you.”
A small business for this analysis is defined as having no more than 500 employees. No doubt your business has less than that, but multi-location dealership could possibly have 50 to 100 employees, which would make an interesting target for hackers.
According to Traveler’s, the average ransom paid for data held captive by hackers is $3 million. That is an impossible number for almost any bike shop owner, though maybe not for a regional/national distributor or manufacturer. Obviously, a ransom demand of that magnitude would be rebuffed, but what if the demand was for $10,000 or $20,000 or $30,000?
The reality is it could happen to you. What would you be willing to pay to get your data back? The attack may not actually “steal” your data, but just encrypt it and make it unreadable to you. That’s bad enough. Getting a key to remove the encryption is the objective however, but even then it’s not 100 percent the data will come back undamaged. Could you rebuild your databases if necessary?
If your data is stolen it may not be for ransom. It could become for sale on the dark web. If your payroll system was compromised, your employee’s social security numbers could be exposed. Your finance systems could expose your bank account information or customer credit card information, addresses, birthdates and more. Would you be able to alert your customers to a data breech to make sure they are affected?
The Accenture study mentioned above notes the number of attacks on small businesses. It also concluded that only 14 percent of those businesses could defend themselves from a cyberattack. The study also revealed only 25 percent of small business owners surveyed are aware of the trends in cybercrime. Even scarier, about half of the respondents said they are not testing their employees on security measures at all.
Do you have a plan to protect your data?
Contact Steve Bina: steve@humanpoweredsolutions.com