print   email   Share

Cyber Attacks Continue To Rock Employers

Jennifer Kurtz, the cyber program director at the Colorado-based nonprofit Manufacturer's Edge, recently spoke about cybersecurity and data breaches at the New Mexico Manufacturing Extension Partnership's Manufacturing Day.

Kurtz states that organizations should be concerned about cybersecurity if they want to keep their business, reputation, customers, money, and employees, and not get sued.

She noted that phishing, ransomware, and security breaches not only lead to stolen or compromised data, but also financial loss and even closure in some cases for the targeted organization. Most businesses are at risk of a cyberattack, especially if they, like pretty much every organization, conduct business over the internet and store digital data. Jason Gibbs "Here's what small businesses can do to thwart cyber attacks" (Feb. 25, 2019).


The statistics on data breaches and cyberattacks are worth noting.

According to the 2018 Cost of a Data Breach study conducted by IBM and Ponemon Institute, the global average cost of a data breach increased 6.4 percent last year to $3.86 million. The average cost for each lost or stolen record containing sensitive and confidential information increased by 4.8 percent to $148 per record.

Over half (55 percent) of all small and mid-sized businesses have experienced at least one data breach or cyberattack, according to Kurtz. In 2016, 70 percent of targeted cyberattacks affected small and mid-sized organizations, with 60 percent of those attacks “severely impacting” the affected organization. Fifty percent experienced ransomware, and 48 percent of those paid the demanded ransom.

Over three years, cyberattacks cost $12 billion worldwide and three billion dollars in the US. It costs small businesses an average of $38,000 to recover from a single cyberattack.

Fortunately, according to Kurtz, 94 percent of cyberattacks against organizations are preventable. The vast majority of attacks are human error—for example, using public Wi-Fi while traveling; failing to use strong, unique passwords for devices and accounts; opening unknown email attachments; or responding to suspicious emails.

Training is essential, including training on the security of mobile devices; stopping phishing and identity theft; preserving passwords; preventing malware, and understanding the role of social engineering.

Finally, your opinion is important to us. Please complete the opinion survey:


Log-in to access Training Modules, Article Archives, Model Policies and more!

Latest Numbers

Unemployment Rate

3.8% in Mar 2019

Payroll Employment

+196,000(p) in Mar 2019

Average Hourly Earnings

+$0.04(p) in Mar 2019

Employment Cost Index (ECI)

+0.7% in 4th Qtr of 2018


+1.9% in 4th Qtr of 2018

Source: Department of Labor

Chubb Offers for Employment Practices Liability (EPL) Insured:

Loss Prevention Reimbursement Credit

HR Acuity On-Demand

Best Practice Minute

Available presentations

What's New

Fighting Cybercrime Starts With Addressing Employee Cyber Negligence

New statistics show the risks associated with employee negligence and cybercrime. We provide the data and provide some best practice steps. Read More

Protecting Privileged Credentials: An Essential Step In Cybersecurity

Organizations must take measures to prevent privileged access credential abuse, the leading cause of data breaches. Read ways to protect these valuable credentials. Read More

Knowing The Risk, Why Do You Continue To Reuse Your Password?

Although they know better, most people still fail to use unique passwords for their online work and personal accounts. Learn ways to create passwords that are harder to decipher, but that you will remember. Read More