When it comes to cyber security, small business owners have it upside-down. Some 57% of small business owners feel they won’t be targeted for cyberattacks, according to Forbes Magazine.
In reality, as reported in the 2019 Verizon Data Breach Investigations Report, small businesses are target #1 for criminals and represented 43% of all data breaches — often because their false sense of security leads them to not put proper defenses in place. It’s like a homeowner leaving doors unlocked and open because he figures the criminals will go to the wealthier homes up the hill.
What criminals do, though, is first go to the unguarded “homes” at the bottom of the hill to steal stuff. Small businesses have plenty of customer information — like credit card numbers, email addresses, and insurance details — that are enticing to cyber criminals.
Criminals also see another benefit from attacking small businesses. They can be the entry point to invade the networks of larger companies they do business with. A study by the Ponemon Institute found that 59% of companies have experienced a data breach caused by a third party or one of their vendors with whom they have shared sensitive information.
In this sense, the criminals break into the “homes” at the bottom of the hill, and then climb the fence to get to those “wealthier homes.”
Lapses in Security
From the criminal’s standpoint, it makes sense to target a small business’s cyber security given their potential lapse in security. A research study cited in an article on Cision PRWeb found that 23% of SMBs use no device security, 32% rely only on free solutions, and most admit they are inadequate in training employees to avoid cyberattacks. More than one in four small businesses have no security plan at all.
Cyber criminals don’t need to be that clever to breach weak defenses like this. They just need to turn over the “welcome mat” on the front door and find the key that was conveniently left in place. The consequences to small businesses can be devastating in terms of profit, growth, and customer loyalty. Small business data breaches can bring serious repercussions.
During a phishing, malware or ransomware attack, small businesses lose credit card numbers and other critical customer data – and they also lose customer confidence. Because of their lack of preparedness, some 50% of small businesses said it took 24 hours or longer to recover from a cyberattack. That’s an eternity in a world that moves at Internet speed that many small businesses never recover from.
A common and growing scheme for criminals is ransomware. This is where the criminals lock up access to a company’s computer system or data until they are paid to release it.
“There’s a new risk associated with ransomware infection that could make recovery even more expensive,” according to Forbes Magazine. “Cybercriminals are no longer content to encrypt their victims’ data and demand payment for its decryption. Now they’re downloading copies of those files and threatening to release them publicly if the ransom isn’t paid.” In 2019, the average cost to recover from a ransomware attack was $84,000. This amount includes the ransom that criminals are requiring, as well as hardware repair and replacement costs, lost revenues, and damage to the victim’s band. That’s enough to kill a small business, and it frequently does.
Don’t Let “Open Doors” Close Your Business
Here’s an unnerving statistic. Some 60% of small businesses that suffer a cyberattack go out of business within six months. After all the sweat and hard work it takes to build up a business, that’s a tragic way for it to end, especially since many of these attacks could be thwarted by putting proper security in place.
Think about it this way. What kind of security would you put around your home if you knew that you might well lose your home if someone was able to break in?
You don’t need to take that risk with your business. In Key cyber security windows you need to close, we’ll go over the important steps that a small business should take to “lock” their cyber doors, just as they would their physical doors.
Learn how you can help improve small business cyber security.