How small businesses can defend against cyberattacks

Could you afford to lose $117,000? According to one estimate, that’s how much a digital data breach can cost a small business. Add to that startling number the fact that it takes an average of three days to stop a cyberattack, and the potential financial and operational damage becomes worryingly real.

“All of a sudden you’re bouncing checks because you thought you had a couple thousand dollars in your account,” Green Bay Police Department Capt. Jeremy Muraski explained while discussing the fallout for a local business that found itself in a hacker’s crosshairs. “All your bills go out, get paid, but there’s no money to support it, so then you have a bunch of creditors after you. So it leaves kind of a trail of destruction in its wake, for sure.”

Cyberattacks on small businesses are on the rise: In 2017, a shocking 61 percent of U.S. small businesses surveyed said they’d been a target of a cyberattack, compared with 55 percent in 2016. The most common security problem? Phishing and other forms of social engineering, usually involving a criminal posing as a legitimate organization who tries to obtain sensitive information, such as a password, through an email, text, or phone call. For the businesses surveyed, the costs of repairing the damage from a successful attack was high: more than $1 million.

Of course, big companies are at risk, too. But cybersecurity “represents an especially pernicious threat to smaller businesses,” a report from the Securities and Exchange Commission states. “The reason is simple: Small and mid-size businesses are not just targets of cybercrime; they are its principal target.”

Bigger businesses have their cyber acts together, with security policies and protocols in place, so cybercriminals are turning their attention to smaller, more vulnerable, enterprises. On top of this, smaller operations are less likely to be able to afford full-time cybersecurity staffers. This makes it harder to both diagnose potential weaknesses and find the cause of an attack when there is one.

Without the luxury of a board or teams of lawyers and consultants, startups need to know how to protect corporate information, intellectual property, and confidential data. But it seems small businesses aren’t yet taking this issue seriously enough. A loss of $117,000 may not be a big problem if a company has the right insurance in place, but just 21 percent of small businesses say they have insurance, and more than half of those without it said they had no intention of getting any. When asked the same question, just 9 percent of large businesses were as care-free.

To get cyber-smart, small businesses need to focus on the threats that are specific to their size and specialty.

“It seems like this big thing — ‘I’m supposed to be doing everything,'” says Michael Kaisser of the National Cyber Security Alliance. “The fact is, you don’t have to do everything. You have to do what’s important for your business and you have to make …read more

Source:: The Week – Business


(Visited 3 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *