'Data protection' key on a computer keyboard.

Data protection must be a priority for businesses of all sizes.

How will you protect your business from data theft?

2019 is well underway and business owners large and small are preparing for what will hopefully be another successful period from a sales perspective. After all, 2018 was one of the best recent years for the nation's economy, with unemployment rates at record lows, corporate revenues often exceeding expectations and personal income levels rising rather notably after years of meager gains.

But what they're hoping won't repeat are cyberthreats. To mount an effective defense, they'll need to implement the proper business continuity plan, one that not only backs up their data systems – both physically and digitally – but also leverages fundamental best practices.

"Breaches averaged $3.8 million per incident in 2018."

Why? Largely because the price of data breaches soared last year, according to figures from IBM and the Ponemon Institute. Globally, costs per incident averaged over $3.8 million. That's up 6.4 percent from 2017.

Part of the reason for the sharp cost increase was hackers' ability to access larger amounts of sensitive data. So-called "mega breaches" – defined as those where at least 1 million records are illegally accessed – have nearly doubled, and the more documents obtained, the costlier these incidents tend to be for the companies experiencing them.

Wendi Whitmore, global lead for IBM's X-Force Incident Response Team, said the indirect costs of data theft – successful or attempted – are massive.

"The truth is there are many hidden expenses which must be taken into account, such as reputational damage, customer turnover, and operational costs," Whitmore explained.

Fortunately, these incidents weren't quite as common in the U.S. last year as they were in 2017, even though the financial fallout worldwide was considerable, as the joint study found. In a separate analysis conducted by the Identity Theft Resource Center, there were 1,244 data breaches in the 2018 calendar year. That's down from 1,632 in 2017, or what translates to a reduction of 23 percent.

The same cannot be said for consumer data exposures, however. The study revealed that more than 446 million records were laid bare in 2018 – a massive jump from the 197 million in 2017. 

"446 million consumer records were exposed in 2018."

If more businesses are aware of the threats , then why are data security incidents happening so frequently? The answer is likely due to several factors. A potential contributor is not enough cybersecurity professionals. They of course exist but because more businesses are hiring them, their services may already be spoken for.

According to a study cited by Forbes and the National Cyber Security Alliance, if conditions don't change, the shortfall in cybersecurity services could reach two million by the end of 2019.

In light of this, instituting the proper business continuity plan is essential to overcoming cybersecurity threats. Here are a few suggestions that can help with detection:

Be wary of suspicious emails
Phishing is one of the most common ways hackers are able to infiltrate data systems. As noted by the Identity Theft Resource Center and CyberScout founder Adam Levin, it's a particularly common tactic for accessing customer or consumer data. When you receive unsolicited messages, tread lightly by looking to see where they originated. If there are unusual symbols in the domain name or come with attachments, don't hesitate to delete them.

Train employees
Avoidable mistakes on the part of employees frequently enable hackers to gain access to data-sensitive portals. Take advantage of workshops and best practices recommended by organizations like the Federal Trade Commission, National Institute of Standards and Technology as well as the FBI.

Become more informed
The cyber threat landscape is constantly evolving. What's best practice today may not be a month or two from now. Consider joining monthly newsletters to keep up to date. Sign up for free with the National Cyber Security Alliance. NCSA promises not to release your information to third parties and you can opt out at any time.