Data breaches are a company’s biggest fear.
If you own a company, the thought of someone stealing your data is probably enough to make you want to cut the cord and take your company offline. Of course, this isn’t practical in today’s economy, as computers and the internet are a major part of almost every business.
You’ve probably noticed that most of the breaches we’ve been hearing about have been from major corporations, large hotel chains, hospitals, or social media platforms. This creates a false sense of security among small- to medium-sized businesses (SMBs).
But just because you’re not hearing about these smaller breaches doesn’t mean they’re not happening.
In fact, SMBs are as much of a target as larger corporations when it comes to cyberattacks. They just don’t get reported on the same scale as a breach from a company like Facebook or Marriott International. The reality is, according to Cisco’s 2018 Cybersecurity Report: Special Edition, SMB, 53% of medium-sized, or mid-market, companies have experienced a data breach.
This means that not only is it just as likely that smaller companies are going to experience some kind of attack, it’s more likely that a smaller company will be targeted over a large one. In this blog, we’ll take a look at why SMBs are likely targets for cyberattacks – and what they can do to protect themselves and their customers.
Why SMBs are targeted
It’s simple: SMBs find themselves as targets because they’re smaller.
Smaller organizations often have less money available for online security. Their security measures are scaled down compared to what you’d find with a larger multinational corporation. And this leaves the door wide open to hackers, malware, and other threats.
Smaller companies tend to only do one thing, like putting in a firewall, to guard against these types of threats. If there is an IT department, it’s stretched pretty thin. There’s also often a lack of strategic planning: It’s not uncommon for SMBs to start thinking about security after an attack, which doesn’t help anyone.
Part of the problem is that there are several ways that cyberattacks can happen. For example:
- 48% of cyberattacks in 2017 were the result of hacking.
- 30% were caused by malware.
- 20% were caused by people clicking links or using insecure devices.
Staying safe from these attacks can be tricky for a smaller business, but not impossible. You just have to be willing to do the work.
What’s at stake for SMBs?
The short answer? Everything.
Cyberattacks and breaches cause extensive downtime, and they can be expensive to fix. Not only that, but they affect a company’s reputation. Think of how many people left Facebook after their breach or how appealing the thought of staying at a Marriott hotel is at the moment.
Cyberattacks are also financially devastating. According to the Cisco report, 29% of companies claimed cyberattacks cost them $100,000. Another 20% reported the cost was over $1 million, including things like lost revenue, fines, lost customers, and out-of-pocket expenses for fixing the damage. In some places, this also includes prohibitive fines.
For larger companies like Facebook and Marriott – companies with a few million customers around the world – losses like this represent a serious stumbling block. But for SMBs, who may have a few thousand customers, the damage to reputation and finances can spell certain death. In fact, around 60% of companies that experience this kind of attack go under within six months of the incident.
How to prevent a breach
Cybersecurity for SMBs doesn’t have to be expensive. But it does have to be robust and thorough – and, perhaps most importantly, it has to become part of the company culture.
Alongside a robust security program, employers and senior management need to ensure that employees fully understand the risks and how to be as safe as possible. Because the threats facing businesses are always changing, cybersecurity awareness training needs to be done regularly to ensure everyone is up-to-date on current threats and how to prevent them.
This can include measures such as:
- Ensuring staff members regularly change their passwords.
- Limiting personal email and device use while at work.
- Seminars about phishing, including information about how to spot a phishing attempt and what to do if you think someone is trying to phish you.
- Reminding employees not to use USB sticks from untrusted sources as they can contain malware.
These are little things, but they can have big repercussions when it comes to keeping your business safe from breaches.
It can happen to you
The last thing that any company wants to deal with is a data breach.
But, unlike the high-profile cases that affect the multinational companies, these breaches are particularly bad for SMBs. And when you consider that there are more than 27 million SMBs in the U.S. and more than half of them have already been targets of an attack, it's obvious why cybersecurity is important for SMBs. You can’t simply sit back and say, “It won’t happen to me.”
Companies that take the time to put robust cybersecurity measures in place are often in a better position to both prevent and deal with any attacks that come their way.
Want to ensure that your business is safe? Function4 is here to help. Contact us today.
Originally published Jan 28, 2019 10:00:00 AM