Statistics to Consider
IT support is very important today in terms of cyber security. Many small to medium-sized businesses don’t believe they’re at risk, but that’s ignoring what the numbers have to say. For example: do you know that a small business, has around a 50% chance of being victim of a cyberattack? That’s the flip of a coin, in that the chances are essentially binary.
Additionally, certain attacks will cost more than others, specifically ransomware attacks. The average payout a business must give such cyber criminals is $7,500. There are also statistics which point out approximately 36% of US businesses that have been subject to cyberattack lost $1,000,000 or more.
There are quite a few different cyberattacks to be wary of, as well. Common cyberattacks include, but certainly aren’t limited to:
There are many other creative cyberattacks which have a very bad effect on a business’s bottom line. If you’re an MSP, you should be bringing these instances of cyber threat to the attention of your clients. The likelihood is, you’ve got the ability to defend against them. IT support which doesn’t feature antivirus and anti-malware software is leaving their clients wide open, and begging to lose their business. Additionally, protecting your clients protects your bottom line as an MSP— it’s a natural service to provide.
Appraising Clients to Their Inherent Need
However, there’s a marketing aspect that represents a kind of silver lining. Cybercrime has grown so big that many companies are calling it CaaS or Cybercrime as a Service. Cybercrime is a multi-billion-dollar industry that Bloomberg defines a “growth” industry. This means more hacks more often, compromising more small businesses. If one of your clients gets hacked, even should they definitively need the services of your MSP, you might get cut from the budget as they try to recoup losses. Granted, this wouldn’t be a wise move, but neither was remaining open to cyberattack when there are vetted means of defense. Oftentimes MSPs will offer cyber security solutions as optional packages, and sometimes businesses don’t take them for the same reason some drivers will get the minimum possible insurance legally necessary to their business.
To that end, there are also scenarios today where legal requirements do predicate measures in prevention of cybercrime. Medical records must be secured, and a business that doesn’t do this could be culpable to litigation from patients whose information becomes compromised.
You need to appraise your clients of the reality of the situation and help them arm themselves against the likelihood of attack. Granted, they may never be at risk— sometimes you’ll flip a coin ten times and, for some reason, it always comes up tails. But even in that case, you only need one “heads” to lose the gamble. And a gamble it is, to function without basic protections against exploitation at the hands of cyber criminals.
Informing Your Clients
Don’t just give clients solutions to help prevent them from getting attacked by criminals on the Internet, or utilizing modern technology solutions for underhanded means. Educate them as well. Tell them how cyber criminals operate. Oftentimes, these individuals work from independent operations in foreign countries where no extradition is possible even should they be caught in their enterprise. Sometimes even were expulsion a possibility, it’s not feasible. And cyber criminals often use concerted shotgun approaches which aim attacks at multiple businesses for the same reason a fisherman hangs a net over the side of a ship when there’s a school of fish around. They’re not looking for one specific business, they’re hoping to have a “catch” of as many businesses in a vulnerable state as possible
The Good News and the Bad News
Let’s do the bad news first: your clients are at risk of cyberattack just by existing. But the good news is, proper procedure can substantially diminish the risk of cyberattack, and your IT support can increase clients while helping them through exposing the truth of the situation, and making protection measures readily available to their operations.