“The biggest risk is the one you don’t take” is a mantra you’ll hear motivational speakers deliver in their presentations – attempting to make the argument that you should throw all caution to the wind and go for it (whatever “it” is).
It’s the Wayne Gretzky school of motivation – “You miss 100% of the shots you don’t take.”
Or the Nike school of “Just do it.”
While that may be a good piece of advice to get someone to take action on an idea (and get the speaker applause at the end of their presentation), truly smart, experienced entrepreneurs and business executives NEVER throw “caution to the wind” and take wild risks.
They take calculated risks, weighing consequences and putting buffers, hedges and checks in place to reduce the risk and potential losses. They look for the risk because they know unchecked optimism is not only foolish, but dangerous, and Murphy is always standing by with a big wrench in hand, ready to throw it into your best-laid plans.
The fact is this: the biggest risk Is not the one you don’t take, but the one you don’t see.
If you follow Warren Buffett’s two rules of investing, you’ll see this same caution: Rule #1 – Never lose money. Rule #2 – Never forget Rule #1.
A good question to ask yourself is where are YOU putting your business and your money at undue risk? While you cannot prepare for and prevent EVERY risk in your business, one area where we see a lot of businesses taking huge, unmitigated risks is with their data and cybersecurity.
Despite the overwhelming evidence that the risk and the financial consequences of cyberattacks are enormous, we still hear, “Nobody is going to hack us…we don’t have anything they want,” or “We can’t get hacked because _____,” with the blank being things like “we use cloud applications” or “we have a good firewall,” “our people are too smart to click on bad links in e-mails,” or other similar “reasons” for their false sense of security. They explain it away.
Candidly, it’s our belief that this is not founded in confidence and logical thought but based in wishful thinking and a belief that the funds necessary to truly secure their data, their business, their finances exceeds the risk. And while I completely understand that nobody wants to spend a lot of money on IT, the risk doesn’t cease to exist – and doesn’t get smaller – just because you choose to ignore it or believe you won’t be a victim.
One of the smartest investors in the world, Howard Marks, CEO of Oaktree Financial, said, paraphrased, the less risk you perceive, the more risk there is.
For example, if I don’t think there’s any chance I can die in a car wreck on my way to the store, I’ll take more risks. I’ll fail to put on my seat belt, text while I drive, and be a lot less cautious about paying attention to the road than if I thought there was a very high chance I could be in a fatal crash. The lower the risk perceived, the higher the risk actually is, because we lower our guard and don’t protect against it.
That’s exactly why small businesses are the #1 target for hackers. They’re EASY prey. Sure, they don’t get the bragging rights of bringing down a company like Dole or hacking into Microsoft Azure, but hacking millions of small businesses for a few thousand dollars each in ransomware pays. You just don’t hear about these attacks because they don’t make the evening news, just like you don’t hear about the 6 MILLION car wrecks that happen every year. Only the big ones – or the ones that seriously impact rush hour traffic – get noticed.
If you are not all that certain that you are truly and fully protected against such hacks, click here to schedule a brief discovery call with us. We can conduct a quick and easy cybersecurity risk assessment and tell you for sure if your current IT company is protecting you, and what level of risk you’re at for a cyber-attack. It’s free and comes with no expectations or cost.
Remember, not all successes are measured in gains secured. Sometimes success is defined as losses avoided. If you were given the chance to go back in time and unwind 2 or 3 financial, business or life decisions you’ve made, knowing what you know now, I’m sure everyone would take that opportunity. Most likely, you’d go back and warn yourself about dumb mistakes you made and put protections in place to avoid losses you incurred. Sadly, there’s no genie in a bottle to make that happen, so an ounce of prevention against cyber-attack is, without a doubt, worth a pound of cure.