For security leaders today, the question of how to stop cyberattacks might seem pretty obvious. But for small and midsize businesses, the role of security leader often doesn’t exist at all and the responsibility of protecting the organization against cyberattacks instead lies elsewhere in the organization.

This presents a real problem since these companies may not have the skills and tools available to prevent, detect or respond to a cybersecurity incident.

More Than Just Money at Stake

According to the Ponemon Institute’s “2016 Cost of Data Breach Study,” the average total cost of a data breach in the U.K. is 2.53 million British pounds, which is a 6.5 percent increase since 2013 and equates to 102 pounds ($158) for every record breached.

But the impact of a cybersecurity breach extends far beyond the financial implications. The damage that data breaches can do to a company’s brand is just as costly, if not more. Customers who have their personal information exposed as a result of insufficient cybersecurity are unlikely to return and rebuilding that trust can, in many cases, be impossible.

In 2015, 736 million records were exposed due to a record 3,930 data breaches. The risk doesn’t just sit with smaller enterprises either — as recent history shows us, even the big players aren’t immune.

How to Counterattack Cyberattacks

There are three critical factors you should consider when dealing with the increasing risk of cyberattacks:


The first line of defense against security breaches is preventing them from happening in the first place. Don’t settle for a reactive defense strategy — make prevention a priority.

You need to make sure you have the right preventative measures in place and generate awareness within your organization about good cybersecurity practices. After all, data breaches aren’t just a product of malicious activity; human error and bad practices can also leave your business exposed.


Your ability to respond to cyberthreats becomes negligible if you don’t have the visibility to detect them. Cybercriminals can break through conventional defenses without most victims even knowing. The average threat goes undetected for 225 days — an uncomfortably long time for any organization to be exposed. Make sure your business has the right analytics and insight tools for rapid detection of security breaches.


As cyberattacks become more sophisticated, all organizations should have the correct measures in place to be able to react accordingly to any malicious activity before it becomes harmful.

Three Steps to Stop Cyberattacks

  1. Sign up to IBM X-Force Exchange. IBM X-Force Research is one of the world’s most highly respected commercial security research teams. The team monitors and analyzes security issues and produces research assets to help customers and fellow security experts better understand the evolving threat landscape.
  2. Keep up to date with current cybersecurity trends. The latest security analysis and insight from top IT security experts and leaders can help you understand what to watch for in your environment.
  3. Understand the issues and your options. The topic of cybersecurity is broad, dynamic and constantly changing. The issues that are most pertinent to your business will depend on your business needs, infrastructure and industry.

More from Data Protection

The Importance of Modern-Day Data Security Platforms

Data is the backbone of businesses and companies everywhere. Data can range from intellectual property to critical business plans to personal health information or even money itself. At the end of the day, businesses are looking to grow revenue, innovate, and operationalize but to do that, they must ensure that they leverage their data first because of how important and valuable it is to their organization. No matter the industry, the need to protect sensitive and personal data should be…

Meeting Today’s Complex Data Privacy Challenges

Pop quiz: Who is responsible for compliance and data privacy in an organization? Is it a) the security department, b) the IT department, c) the legal department, d) the compliance group or e) all of the above? If you answered "all of the above," you are well-versed in the complex world of compliance and data privacy! While compliance is a complex topic, the patchwork of regulations imposed by countries, regions, states and industries further compounds it. This complexity has turned…

The Digital World is Changing Fast: Data Discovery Can Help

The rise in digital technology is creating opportunities for individuals and organizations to achieve unprecedented success. It’s also creating new challenges, particularly in protecting sensitive personal and financial information. Personally identifiable information (PII) is trivial to manage. It’s often spread across multiple locations and formats and can be challenging to find and classify. Organizations need a modern data discovery and classification solution to identify sensitive data across physical, virtual and public clouds. The Current State of Sensitive Data Discovery and…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…