Marketing today isn’t for the faint-hearted.

The workload can be overwhelming at times. Among the thousand things you’re responsible for, you’ll find the usual suspects: Branding, collateral, production, brand awareness, event management, partnerships, finding and chasing down leads. Then there are the hundreds of emails and social media posts to wade through. And when you’ve done that, there’s, content, SEO, advertising and analytics to factor in. Now that’s your day job! The one mitigating factor is that all these tasks are what you studied for. You have learned to deal with most contingencies.

Sometimes, however, you’re handed the responsibility for tasks that lie outside your comfort zone – tasks such as maintaining the company website. We’re not just talking about accurately entering Mr. Flausglotten’s name into the Customer Management System correctly. No, we’re talking about website nuts and bolts. The website maintenance tasks you really shouldn’t be responsible for including making sure that your site works properly, performs well, and is secure from harm, because although these tasks sound innocuous, they are in fact laden with career ending risk!

The problem isn’t the low-level gremlins that get into any system from time to time. Your IT team will usually fix these (though good luck finding your IT team. They’ve all moved into the Cloud lately). Once they sort out that glitch, you can go back to marketing and to living la vida loca.

The real difficulty arises when it turns out that the gremlins you blamed (shame on you) for the slump in performance, were never guilty in the first place because actually your system has been hacked. And that’s a whole other world of pain. When your website has been hacked, there’s no use sobbing on the IT Manager’s shoulder, because he’ll already be sobbing on the MD’s shoulders — because the cost of a hack can be substantial and the costs are real.

Hacked websites are not always simple to fix — even by a seasoned IT team. Complicating matters is the inevitable clash of antlers between the marketing team and their internal IT team. This is rarely a pretty sight and can significantly prolong the time taken to get a resolution.

In the end, the IT team may well find and remove malware and break open a bottle of champagne in celebration. But there’s a chance that a week later they’ll discover more malicious code just waiting to bring the site down again. Because what hasn’t been fixed is your site’s vulnerability to being hacked in the first place. Leave this unattended and it will happen again. Once in the cycle, IT’s time and resources rapidly become depleted, leaving the marketing team little option but to seek outside help from a third party.

Then, by the time you clean up the site and you’re ready to climb back on that horse again, other members of the digital community that have learned that you’ve been hacked want to have their say – like your hosting company or search engines. That’s when you find yourself digging your way out of the online sandbox!

That’s why the time to start managing your website correctly is now, because unfortunately, without proper maintenance, your chances of getting hacked are fairly strong. One leading expert claims to discover 30,000 newly-infected web pages each and every day. More than 80 percent of these pages are on innocent web servers which have been hacked by cybercriminals. Hacks are especially popular on WordPress sites due mostly to the platform’s popularity.

Costs of a website hack

‘If it ain’t broke, don’t fix it’ is probably the stupidest piece of advice ever given. Yet, even if you raise the alarm through a megaphone directly into their ear, most people – especially business leaders – don’t like to fix things that aren’t broken. This is a bad mistake and time is the enemy. Unattended plugins and features are vulnerable prey for today’s hackers.

If you think your website maintenance plan either doesn’t exist or isn’t cutting the mustard, lets look at what a hack might cost your company, so you can tell your boss.

The true cost of being hacked doesn’t neatly appear on the pages of a ledger. It will be a combination of hard costs, which are relatively easy to quantify, and soft costs, which are notoriously difficult to pin down. (sigh)

Hard Costs

Hard costs are easily accounted for because you’ll receive invoices for them.

These include:

• Developer time
• Administration costs for time spent coordinating work between your internal team, outside vendors and clients
• Cost of investing in ways to prevent further damage or attacks
• Billable hours from your IT team for investigating, researching and working on the problem

While simple to calculate, such costs can hit your budget hard.

Now, the soft costs.

Soft costs

No matter how high the hard costs of a website hack turn out to be, you can be sure that 9 times out of 10 times soft costs will greatly exceed them. By way of illustration, here’s a breakdown of the potential soft costs of a hacked website.

Data costs

Let’s start with a cost that straddles both hard and soft cost definitions. There’s a neat bill for data recovery, for sure, but you can’t put a price on the data itself – and its loss can be catastrophic.

The New York Times recently ran a story about a business that fell victim to ransom malware. Hackers held all of the company’s data to ransom. Instead of paying the ransom, a team of seven spent 4 days reconstructing the system from the ground up.

Constance Gustke, the author of the article said:

‘Focusing on revenue over protection is far from unusual for small companies. But it is an increasingly dangerous path, experts say. Limited security budgets, outdated security and lax employees can leave holes that are easily exploited by ever-more-sophisticated digital criminals.’

Data loss per se, is damaging. But worse things could happen when hacked. Your data — more worrying still, your customer’s data — could be stolen and used in cyber-criminality including identity fraud, causing much more damage.

Loss of Confidence

Hacked sites do not endear themselves to current and potential customers. While internally there’s often a lot of finger pointing. The finger pointing tends to be self-perpetuating and rarely resolves anything. Your web company holds you responsible for ignoring software updates. You bark at the hosting provider because you think this was their baby. The hosting provider blames someone — anyone — in your backyard for failing to change a password. And so it goes on and on.

Disruption and Stress

Repairing a hack also carries a hefty opportunity cost. You can’t focus on eradicating an infection and give all your time to growing the business. The effort goes not into building a better boat, but into bailing out the boat you’ve gotten yourself into.

The launch date of that game-changing new web project you hoped would double your business will slip again and again while the tech team fire-fights the escalating damage caused by the hack and everybody else gets strung out.

When your site’s hacked, marketing – and in extreme cases perhaps your whole organization grinds to a halt for as long as the site continues to malfunction, or while it’s been brought down so repairs can be carried out.

Loss of Revenue Due to Site Downtime

If your site’s down, you’re not earning. Think how much business you might lose if your site was inactive at peak times for maybe three days. The very purpose of your web site is to convert transactions into revenue. If no one can download your music or purchase your goods and services, this could mean a devastating loss of retail transactions, downloads, or other conversions contributing to your revenue stream. You might lose access to your site altogether; a costly hiatus when employee downtime sucks money out of your business and no one can visit your site.

And it won’t just be the hackers causing the pain. The hosting company could shut your site down if it’s infected, causing more misery and loss of earnings. Google, for instance will tag your search results as ‘hacked’ or ‘harmful’. In effect they will be telling the world to stay away from your site.

There’s one thing you can count on: Visitors who can’t access your site or carry out the transactions they visit you for, will leave and might not return. On top of that, you might have to compensate your customers for the disruption. More cost to bear.

Another soft cost that isn’t at first obvious is the time required by your customer services team to manually support your customers until the hack has been remedied.

All of these costs, soft and hard, make it difficult assigning a precise dollar value to the damage caused by a website hack, but you do know that every cent of the cost is an unwanted burden on your business. What to do? Well, sure as eggs is eggs, if the source isn’t nailed, or if you don’t put a robust website maintenance plan in action, you can count on getting hacked again. Remember, fixing a hack without addressing your website maintenance protocol leaves you vulnerable to future attacks.

You should now have all the information you need to avoid catastrophic damage to your business. Cleaning up and restoring your database might cost a few hundred dollars. Programmed maintenance comes in around $300 a month. But set these costs against the potential hard and soft costs discussed above and it’s not difficult to see the true value of a robust website maintenance and support program.