“The biggest risk is the one you don’t take” is a tune you’ll hear motivational speakers deliver in their presentations to make the argument that you should throw all caution to the wind and go for it (whatever “it” is). While that may be a good piece of advice to get someone to take action, experienced entrepreneurs and business executives NEVER throw “caution to the wind” and take wild risks. Instead, they take calculated risks by weighing consequences and laying buffers, hedges and checks in place to reduce the risk and potential loss. They look for the risk because they know unchecked optimism is foolish and dangerous, and Murphy is always standing by with a big wrench in hand, ready to throw it into your best-laid plans.
If you follow Warren Buffett’s two rules of investing, you’ll see this same caution: Rule #1 – Never lose money. Rule #2 – Never forget Rule #1.
A good question to ask yourself is where are YOU putting your business and your money at unnecessary risk? You cannot prepare for and prevent EVERY risk in your business, but one area we see a lot of businesses taking huge, unmitigated risks is with their data and cyber security. Despite the overwhelming evidence that the risk and the financial consequences of cyber-attacks are enormous, we still hear the same reasons for why companies are not properly protected: “Nobody is going to hack us…we don’t have anything they want,” or “We can’t get hacked because _____,” with the blank being things like “we are too small”, “we use cloud applications”, “we have a good firewall”, “our people are too smart to click on bad links in e-mails”.
Largely this is not founded in confidence and logical thought but based on a willful neglect and a desire to avoid spending the funds necessary to truly secure their data, their business, their finances. While its understandable that nobody wants to spend a lot of money on IT, the risk doesn’t cease to exist just because you choose to ignore it.
One of the smartest investors in the world, Howard Marks, CEO of Oaktree Financial, said (paraphrased), the less risk you perceive, the more risk there is. For example, if someone does not believe there’s any chance of dying in a car wreck on their way to the store, they may fail to put on their seat belt, text while driving and be a lot less cautious about paying attention to the road than someone who thought there was a very high chance they could be in a fatal crash. The lower the risk perceived, the higher the risk is, because we lower our guard and don’t protect against it.
That’s exactly why small businesses are the #1 target for hackers. They’re EASY prey. Sure, the hackers don’t get bragging rights for bringing down a company like Dole or hacking into Microsoft Azure, but hacking millions of small businesses for a few thousand dollars each in ransomware adds up. It’s not that these attacks don’t happen, you just don’t hear about them because they don’t make the evening news, just like you don’t hear about the 6 MILLION car wrecks that happen every year. Only the big ones – or the ones that seriously impact rush hour traffic – get noticed.
If you are not certain that you are truly and fully protected against cyber-attacks call us at 281-646-1200, email us at results@alexaur.com, or click here to schedule a quick 10-minute call to find out what security systems could be implemented to give you stronger protections against hackers and against employees who accidentally click on or download a malicious file.
Remember, not all successes are measured in gains secured. Sometimes success is defined as losses avoided. If you were given the chance to go back in time and unwind 2 or 3 financial, business or life decisions you’ve made, knowing what you know now, I’m sure everyone would take that opportunity. Most likely, you’d go back and warn yourself about dumb mistakes you made and put protections in place to avoid losses you incurred. Sadly, there’s no genie in a bottle to make that happen, so an ounce of prevention against cyber-attack IS, without a doubt, worth a pound of cure.
