Cyber criminals are beginning to unleash cyber attacks on small businesses in increasing numbers. Learn to protect your business.
Small business owners might assume that their small size makes them immune to cyber threats. Cyber criminals, in other words, only go after the big, flashy opportunities, like the major cyber attack on Target in 2013, which compromised roughly 40 million credit and debit card accounts.
Unfortunately, that’s not entirely true, as cybercriminals are beginning to unleash cyber attacks on small businesses in increasing numbers. For example, Symantec’s 2016 Internet Security Threat Report highlighted that phishing campaigns launched by cyber criminals this year specifically targeted small businesses with less than 250 workers 43 percent of the time — in comparison, in 2011, only 18 percent of attacks targeted small businesses.
Cybercrime, in general, is on the rise. Last year, cyber criminals launched 430 million new types of malware software out into the world. The financial costs of these attacks are ever increasing, as well. In 2014, cyber attacks cost $12.69 million, and last year, the cost increased to $15.42 million. Small businesses, usually because they lack the sizable security budgets of larger firms, make for prime targets for cyber criminals. And the financial consequences can be costly. One study by the Cyber Security Alliance found that 60 percent of small businesses that experience a substantial cyber attack often close their doors permanently within six months. In order to prevent cyber attacks from occurring, small business owners must implement a number of basic but effective security measures. By doing this, these owners can protect not only their bottom line but their businesses’ future as well.
Why are cyber attacks on small businesses increasing?
It’s no surprise that small businesses have fewer resources to devote to cyber security measures, and as a result, their networks are typically more vulnerable than those of larger companies, effectively making them much easier targets. And when you consider that cyber criminal get away with an average of $32,000 when they go after a small business’ financial assets, it’s easy to understand why cyber criminals see small businesses as straightforward and moneymaking marks.
Cyber criminals often hack small businesses with the hopes of gleaning information that they can use to take on larger companies. For instance, in the case of the Target hack in 2013, cyber criminals actually gained access to the megacompany's database by hacking one of Target’s HVAC vendors. Lastly, while small business owners and CFOs might work hard to prevent hacking incidents from occurring, the average employee is actually fairly lax with their computer security. Sixty percent of employees often perform work duties from personal computers (and these often lack basic security protocols). Additionally, 62 percent of Americans often reuse passwords for multiple accounts, making it much simpler for cybercriminals to break into a system.
Tips on Protecting Your Small Business
There are a number of things small business owners can do to keep their business safe from cyber attacks:
- Anti-virus software: New computer viruses are developed each day, and simply updating anti-virus software on a consistent basis can help to keep a company safe from an attack. This approach is extremely cost-effective. Updating anti-virus software usually doesn’t require buying new software — it only involves a simple web download that takes a little time to install.
- Encryption: Business owners should consider encrypting their communication data as much as possible. Affordable encryption software is available for small business owners too, and it’s usually easy to install on multiple devices. At the very least, owners should avoid sending private financial information via email.
- Cloud storage: Investing in cloud storage can also be a good approach. Employees sometimes store sensitive data on personal hard drives or flash drives, and if the drive itself is ever lost, the information could be compromised. With the cloud, losing physical data is impossible, and that’s part of the reason why 94 percent of organizations want to or currently do use cloud-computing services.
- Educate Employees: It’s critical that owners inform employees about the dos-and-don'ts of cyber security. For instance, employees should never download information from suspicious links or attachments, and they should make sure to delete their cookies every month. Employees should also be strict about changing their passwords regularly, and they should use complicated passwords that aren’t easy to guess — incredibly, “123456” is still one of the most popular passwords in the U.S. and Western Europe.
- BYOD: Bring Your Own Device (BYOD) policies are popular with many start-ups, but they can lead to troubling compromises. If an employee can guarantee that they never engage in any unsafe activities (clicking suspicious links, using repeated passwords) with their personal computer, that’s fine — but the average American is usually not very concerned or cautious about cyber security with their personal device. Instead, companies should supply their employees with company-monitored devices to help ensure that nothing goes awry.
In short, by working to ensure that security protocols are in place, a small business owner can increase their chances of successfully withstanding a cyber attack. And while new security measures may end up costing a firm thousands of dollars, the added protection may help to protect a business from losing hundreds of thousands of dollars in financial assets to an attack — or better yet, the new measures may help to guarantee that the company remains in business, should an attack ever occur.
Photo credit: GlebStock/Shutterstock