One of the most commonly shared myths among small businesses and their owners is that hackers have no interest in attacking them. That they are simply, "too small to be worth hacking." These assumptions couldn't be more wrong.
The reality is, a high percentage of cyberattacks target small businesses. Cybercriminals look for easily accessible, valuable data like credit card details and customer contact info, so the size of the business doesn’t matter. It’s the lack of cybersecurity that makes small businesses so attractive to hackers.
Thanks to our sponsor, Dell, we're going to take a closer look at the cyber threats/attacks that small businesses face and how they can best shield themselves from those threats.
Why are hackers targeting small businesses?
Studies over the last three years have shown that more than half of all cyberattacks were aimed at small businesses. Why? Because small business owners don’t always take cybersecurity seriously, some believe their company is too small to attract any interest from hackers. This couldn’t be further from the truth.
If you are taking payments for services or products, you have exactly what hackers want; customer credit card details and personal information, including your employee’s information.
Large companies can afford to invest millions in cybersecurity, while the majority of small businesses simply lack the resources and funds to have a dedicated IT team or advanced security protocols put into place. Hackers expect this and will take advantage of it the first chance they get.
The average cyberattack costs small business owners anywhere from $80,000 to $150,000. That may not be enough to bring down a behemoth sized businesses, but it's enough to cripple a smaller sized operation. A recent report stated that 60% of them ended up going out of business within six months after the attack.
How can small businesses defend themselves?
The best way for small businesses to protect themselves from hackers is to be proactive and vigilant. Keep informed and understand the real dangers that are threatening the online world, just waiting to pounce.
Here are some of the best ways for small businesses to stay protected from cyberattacks:
- Be aware of internal threats that may exist within your business - It's been reported that 31.5% of attacks are initiated by company insiders and employees. For example, the suspect in the recent Capital One hack turned out to be a former Amazon Web Service employee, who accessed the bank's customer files which were stored on Amazon's cloud server. By beefing up internal protocols, increasing authorization requirements and keeping a close eye on any/every employee with access to secured data, potential leaks and hacks should be stopped before they even have a chance to start.
- Invest in more secure forms of communication - This may come as a surprise, but faxing is actually the most secure form of communication in the business world. Furthermore, if your staff uses mobile devices for work or accessing accounts, you need restrictions on the information certain devices can access. There should also be strict rules on whether devices can be taken home as well as clear protocols for when/how IT can wipe a device clean.
- Designate a point person to oversee all cybersecurity efforts - Even if employees are wearing multiple hats and handling a variety of responsibilities, someone trustworthy should have their focus on security. This person doesn't have to necessarily handle all the work, but they need to find the right services or professionals who can implement the proper updates and upgrades.
- Properly train employees - Consistently provide ongoing training to employees on appropriate security practices and limit access to sensitive data to only specific employees who need it perform their duties. A majority of data breaches in both big and small businesses still occur when employees unwittingly download malicious materials disguised as emails that can pass for legitimate. Phishing scams are a prime example. So, it's worth it to educate employees on how to distinguish between real and fake downloadable content in order to avoid more harmful attacks later on.
- Install anti-virus software/hardware and keep it updated to meet the latest threats - Identity thieves take advantage of the ignorance and the fact that some companies fail or often forget to update their security software consistently and in a timely manner. So, it's important to keep your security protocols current and updated with the latest versions. Installing and testing a proper firewall is strongly recommended as well. Also, before downloading any files, make sure they are scanned for safety to avoid any unnecessary attacks.
- Keep critical data backed up - Once you've confirmed that your system is clear, healthy and you've implemented the proper security protocols, you must consider regularly backing up all of your data as well. This has become a significant step for small businesses due to the increase of attackers using cyber blackmail, or ransomware. Holding a company's valuable info hostage is an easy payday for hackers. However, businesses can take back control of the situation by having a backup plan at the ready. Having data saved across numerous locations, including on a cloud server, ensures businesses can access their data, even after it's been compromised. Kim recommends her trusted sponsor, IDrive for all of your backup needs. With IDrive, you can backup all your PCs, Macs and mobile devices into one account. Save 50% today, when you sign up at IDrive.com and use promo code Kim.
