It is similar to a Chess Game, but different:

  • Each day, the small business owner is busy focusing on running his shop. He has customers to please, suppliers to deal with, product to promote and daily issues to address. He has little time each day to consider of all the ramifications of making sure that all his data is protected. He knows that it is important, but with all his responsibilities, he cannot give this aspect of his business, the attention it deserves.
  • The hacker, sits in front of the computer, focused on the task of stealing your data. That is his day, his purpose, his job and he is very good at it.  He knows that the small business owner has many things to concentrate on. He understands “small business vulnerability” and he uses it to his advantage. He also knows that big business has teams dedicated to making sure that their data is secure and firewalls are strong, so he chooses to target the mom and pop shops.

One player is focused on the game, the other distracted by other responsibilities associated with owning a business.


Almost half of Cyberattacks (43%) worldwide in 2015 targeted businesses with fewer than 250 workers, according to the 2016 Symantec Corporation Small Business Data Security Report.

 The average cost of such a data breach for these small businesses is more than $36,000 and can be up to $52,000 including costs like notifying customers, mandatory forensic examination, credit monitoring affected customers for up to a year, and liability for fraud charges.

A March 15th report from focuses on the issue of small business vulnerability.  The Federal Trade Commission (FTC) is doubling their efforts to educate small and midsize businesses on risk management as their susceptibility to data breaches increases each year.

According to Maureen Ohlhausen, the FTC’s acting chairman, while speaking to a panel at Nasdaq in New York City. “We are seeing a huge amount of data breaches target small business, but they don’t have the resources to withstand the impact.”


There are two “Lines of Defense” Against a Business Becoming a Victim of a Data Breach:

Primarily: EDUCATION

The first line of defense against having business data compromised is to learn how to defend it. There are dozens of resources and thousands of articles available to help.  Both the NCSA and the FTC offer resources, including training videos and guides, for small businesses in need of data security help. 

Interestingly, it is not just the business owner that needs to be “educated” when it comes to protecting business data. Often breaches occur when staff members accidently “click” on an email containing a bogus “phishing” link (malware, ransomware, etc.) or create weak passwords. Just one employee using the word “password” as their password, is an invitation for Hacktivists to walk away with your data.

Secondarily: INSURANCE

You cannot monitor all your staff, all the time. (By the time you realize that a staff member has caused a breach, the damage is already done).

No matter what security system you invest in, you cannot protect all your data. For every Firewall and Software Upgrade that you install, the hackers are already figuring out ways to disarm and neutralize it.

So, what option do you have to truly protect your data (or at least minimize the damage if client or proprietary data is stolen?). You have insurance. A Cyber Insurance Policy is a MUST for small business owners, simply because: 60% OF SMALL BUSINESSES CLOSE WITHIN 6 MONTHS OF A DATA BREACH. The financial obligations of cleaning up a data breach and making your clients “whole” again is staggering. Cyber Insurance is the only way to go. The only true line of defense.

The only “true” foolproof way of not losing the chess game, not hearing the Hacker say, "Checkmate" ... is to invest in a Cyber Insurance Policy