We’ve said it time and again: Today’s cybercriminals are using more advanced technology than ever. And those malicious tools are becoming even more sophisticated at a breakneck pace. To top it all off, new software developments are enabling these criminals to cast wider and wider nets, targeting businesses that, before, would have flown under their radar. Firms small and large, of every type, are being infiltrated by vicious cyber-attacks across the world each and every day.

Even knowing this, professional services practice managers, partners and directors are tempted to cut costs and corners. When you’ve never had a breach, data security can seem like a distant concern, especially for a limited budget. But regardless of which digital barriers you put in place to protect your firm, you can bet on one thing: One day, your security will be tested by an attack. Whether or not the hackers punch through could mean the difference between your professional services firm shutting down for good — as 60% of small businesses do in the six months following a cyber-attack — and remaining solvent and secure in your position.

When you’re struggling to stay afloat or simply wanting to be a savvy spender, you may think the best way to lock down your data is to put one of your staff on the task or to do it yourself.

And sure, your team can conduct hours of research searching for inexpensive security. And you’ll almost certainly find something cheap with good reviews and a decent track record. You’ll figure out how to install the software across your system, complete with firewalls, server protection, antivirus and maybe a bell and a whistle or two. Perhaps you’ll even hold a meeting to educate your staff on the do’s and don’ts of cyber security. “Use intricately constructed passwords,” you’ll tell them. “Don’t click suspicious links in your email.” Then, after a few days of fiddling with settings and ensuring the security software is properly in place, you’ll forget about it altogether. After all, it’s already installed, and you’ve checked to make sure there aren’t any gaps in the system. It’s not something you need to constantly monitor.

A year later, your professional services firm has — miraculously — doubled in size. You’re finally reaping profits. Best of all, a recent news story has brought your firm into the public eye, and brand-new leads are contacting you every day. For the first time since the firm’s inception, you can breathe easy.

Then, one Monday morning, you log into your computer. For a second, everything seems to be normal, until an innocent-looking pop-up fills your screen. “Attention!” an eerie robotic voice barks from your speakers, “Your documents, photos, databases and other important files have been encrypted!”

Thinking it’s a hoax, you click into your server drive. To your dismay, you really are locked out of everything. So, palms sweating, you read the rest of the pop-up. It provides instructions to install the dark web browser Tor as well as an address for you to visit. When you go there, you learn that in order to recover all your data, including the credit card information of your customers or clients, you’ll need to dish out $50,000 in bitcoin.

A year ago, you couldn’t afford adequate cyber security. Can you afford $50,000 in cash today?

Naturally, this doesn’t include the down time costs, your team’s wages, incident response services to work out what data has been compromised and what reporting you now have to do to the Office of the Australian Information Commissioner with regards to the attack. It goes without saying you may then face fines up to $2,100,000 from the Office of the Australian Information Commissioner if they find you did not adequately deal with the situation.

Identical situations are unfolding every day, with people exactly like you. Back in April, news outlets reported that across the previous 12 months, half of all small businesses had been infiltrated by malicious hackers. “Cyber security and cyber resilience is not a tech problem – it's a business issue – your business issue.” wrote the Australian Securities and Investments Commission in a 2016 report. “It starts with the acceptance that at some point your business will be attacked, and safeguarding your business, clients and our markets from considerable loss can only be achieved through a sustained focus on cyber resilience preparedness.” Cheapo security solutions might be fine for a lone browser surfing the web at home, but they are shockingly inadequate resources on which to base the entire success of your firm, your livelihood, and the livelihood of your team.

Frankly, it’s irresponsible to lock your data behind a flimsy $500 firewall. Invest in robust cyber security solutions and secure the future of your firm today.