August 31, 2016 By Dan Mallinson 2 min read

For security leaders today, the question of how to stop cyberattacks might seem pretty obvious. But for small and midsize businesses, the role of security leader often doesn’t exist at all and the responsibility of protecting the organization against cyberattacks instead lies elsewhere in the organization.

This presents a real problem since these companies may not have the skills and tools available to prevent, detect or respond to a cybersecurity incident.

More Than Just Money at Stake

According to the Ponemon Institute’s “2016 Cost of Data Breach Study,” the average total cost of a data breach in the U.K. is 2.53 million British pounds, which is a 6.5 percent increase since 2013 and equates to 102 pounds ($158) for every record breached.

But the impact of a cybersecurity breach extends far beyond the financial implications. The damage that data breaches can do to a company’s brand is just as costly, if not more. Customers who have their personal information exposed as a result of insufficient cybersecurity are unlikely to return and rebuilding that trust can, in many cases, be impossible.

In 2015, 736 million records were exposed due to a record 3,930 data breaches. The risk doesn’t just sit with smaller enterprises either — as recent history shows us, even the big players aren’t immune.

How to Counterattack Cyberattacks

There are three critical factors you should consider when dealing with the increasing risk of cyberattacks:


The first line of defense against security breaches is preventing them from happening in the first place. Don’t settle for a reactive defense strategy — make prevention a priority.

You need to make sure you have the right preventative measures in place and generate awareness within your organization about good cybersecurity practices. After all, data breaches aren’t just a product of malicious activity; human error and bad practices can also leave your business exposed.


Your ability to respond to cyberthreats becomes negligible if you don’t have the visibility to detect them. Cybercriminals can break through conventional defenses without most victims even knowing. The average threat goes undetected for 225 days — an uncomfortably long time for any organization to be exposed. Make sure your business has the right analytics and insight tools for rapid detection of security breaches.


As cyberattacks become more sophisticated, all organizations should have the correct measures in place to be able to react accordingly to any malicious activity before it becomes harmful.

Three Steps to Stop Cyberattacks

  1. Sign up to IBM X-Force Exchange. IBM X-Force Research is one of the world’s most highly respected commercial security research teams. The team monitors and analyzes security issues and produces research assets to help customers and fellow security experts better understand the evolving threat landscape.
  2. Keep up to date with current cybersecurity trends. The latest security analysis and insight from top IT security experts and leaders can help you understand what to watch for in your environment.
  3. Understand the issues and your options. The topic of cybersecurity is broad, dynamic and constantly changing. The issues that are most pertinent to your business will depend on your business needs, infrastructure and industry.

More from Data Protection

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today