Cybercrime historically increases by 40% during times of market instability or global disruption.
By Anisa Williams, BSS Staff
In times of major disruptive events, most small business owners will slash spending and move into a holding pattern, hoping to ride out the swells of uncertainty. However, the last few downturns (both domestically and globally) have shown that cyber criminals ramp up their attacks, leading to a shocking three-fold increase in exploits and cyberattacks. This activity can last for weeks or months, depending on the nature of the world-altering event. The most common types of exploits include fraudulently impersonating legitimate websites, social engineering, phishing, and ransomware attacks.
While it may seem counterintuitive to fund increases in your IT security during a downturn, having a robust, secured, and solid infrastructure actually helps businesses survive. The best security takes a multifaceted approach, prioritizing cybersecurity and disaster recovery/backups while also focusing on employee education.
Invest extra when cutting budgets
Computers, networks, and internet connectivity are the backbone of doing business, regardless of your size and industry. We can’t live without IT, but if your IT network is not secured from threats, you won’t have a business to do.
Cutting cybersecurity initiatives shouldn’t be done lightly. Attackers expect businesses to cut IT needs and actively target Small and Medium sized Businesses (SMBs) because of that. Over 61% of SMBs are the target of cyberattacks, with 82% of ransomware attacks against companies with fewer than 1,000 employees and 37% with fewer than 100 employees.
Considering the cost of recovery from a ransomware or data breach averages $2.73 Million (excluding tha ransoms), many SMBs are irreversibly damaged and 60% close their doors within six months of an attack. Those that stay open have an uphill climb to regain reputation and deal with long-term recovery struggles.
Insider risks grow during layoffs
Employees stealing data or caring less about following security procedures are a bigger threat during times of economic instability and layoffs. When employees feel insecure or betrayed, DTEX Systems’ Insider Risk Report noted that 56% of companies were subject to data theft when employees resigned or were laid off.
Most businesses who were able to effectively stop insider threats are because they have invested in security measures in advance to notify and interrupt exfiltration of company data.
Identify risks to show ROI
Simply, organizations that slash IT resources will be less protected. Identifying gaps in your security, tools, processes, and backups will ensure you are able to fight off and recover more quickly from a cyber-attack.
Even if your company is not subject to compliance regulations, performing an IT Security Audit will help you identify the easy and quick things you can do to shore up your infrastructure. This will also help to demonstrate the value of your cybersecurity and disaster recovery programs to prevent budget cuts in IT.
New technologies in both hardware and software can help companies be more secure when business needs are getting leaner, allowing smaller staff to do more with less. Additionally, adding a cyber insurance policy can help SMBs recover more quickly without fear of financial ruin.
Outsource to stay focused on your business
Outsourcing your IT to a Managed Service Provider (MSP) is a cost-effective way to dramatically increase your cybersecurity and get leading edge tools, often for less per month than it costs to keep an internal IT person.
Many MSPs, like BSS, offer flat rate monthly fees with no surprise invoices, that help you navigate market fluctuations with stability and scalability. Trusting a team of IT experts allows you to stay focused on your business while they do what they do best: keep you safe and educate your employees on security best practices.
BSS clients get leading edge Managed Detection and Response, a cybersecurity software designed to detect intrusions and unusual behaviors before it escalates into a breach. Additionally, we insist on hourly and daily secure backups that can get you back up and running in hours or a few days, versus the average downtime of 21 days from cyberattack.
Companies that don’t have robust policies and tech in place to protect themselves are under the greatest risks for closures. Awareness is the first step: knowing that cybercrime increases greatly during instability means that you can put measures in place today. Investing in prevention now means the less expensive it will be in the long run. From that place of strength, you’ll be able to wait out the storm, regardless of what the cybercrime world throws at you.
Cover illustration by Pixabay/joe jplenio
Sources
https://solcyber.com/securing-your-business-during-economic-uncertainty/
https://www.strongdm.com/blog/small-business-cyber-security-statistics
https://www.weforum.org/stories/2024/02/why-cybercrime-spikes-in-times-of-global-crisis/
https://ponemon.dtexsystems.com/
https://www.perforce.com/blog/pdx/ransomware-costs-downtime
https://go.crowdstrike.com/2025-global-threat-report
