I’ve spent a lot of time around small clinics and hospitals given the events in my life in 2021 and I’ve noticed a trend. The IT staff is usually a healthcare worker on break that happens to dabble in computers a bit at home.
I have friends and family that run their own small businesses, be it a hair salon, a gym, or a construction company; these people are experts at what they do.
They however don’t understand technology. I’ve built a website for professional engineer with projects from California to Pennsylvania and I’m providing support to his company. I’ve fixed networks and upgraded a CCTV system for a salon. I’m at the time of this writing, building a website for a couple of my friends who started their own BJJ gym.
I’ve been standing in line at a Mexican restaurant that was having internet issues and offered to look at their router only to find the generic DSL modem with the default credentials
In a world where we are constantly online and almost every business has some sort of online presence, it was inevitable that people who do not have a background in tech would increasingly rely on it for their own businesses. Their expertise is their profession but technology has become so core to running a successful business that they need more than just the help of their nephew who doesn’t know much besides fixing the default password on their router and using gmail.
This got me looking at the impact of cybercrime on small business. According to the US Department of Homeland Security, small businesses are three times more likely to be victims of cybercrime than larger businesses. There are several reasons for this but the human factor must be considered the primary cause in most cases. Smaller businesses typically operate with fewer controls and less security training.
Concerning Data Regarding Cyber Threats to Small Business
It is clear that cyber threats to small businesses are on the rise, and therefore, risk management is on the minds of many decision-makers. Cybersecurity postures should be consistently reviewed and revised as needed based on evolving threat landscape in order to ensure data security, particularly in areas such as user access.
This year saw a number of high-profile data breaches centered on small and medium-sized business (SMBs) – with ransomware being one of the most significant threats – and supply chain attack vulnerabilities being another growing concern.
Given this trend environment, it’s vital that SMB cybersecurity efforts encompass more than traditional in-house IT resources and include the use of third-party providers and solutions, especially in light of inconsistencies between larger enterprise IT environments and smaller SMB infrastructures.
While many businesses assume they’re impervious to attacks or cyber intrusions, there’s a lot they could learn from their peers, such as where cyber attacks originate and how data breaches happen. In addition, SMBs must stay informed about how to proactively prevent cyber threats and vulnerabilities.
If you are a business owner and have to deal with cyber-threats, it is important to be fully informed. Knowing what is going on will help you protect your company from cyber-attacks and ransomware.
Small business owners must take precautions to prevent themselves from becoming the target of cybercriminals. They need to understand the risks associated with data breaches and the strategies for mitigating them.
According to the 2018 Verizon Data Breach Investigations Report, two in five SMBs were impacted by ransomware in 2020. This is an increase from one in five in 2017 and one in ten in 2016.
One of the most common types of business email compromise (BEC) scams is invoice or payment fraud. This type of scam increased by 78% overall in 2020. The most common type of BEC scam is invoice or payment fraud.
Impacts and Insights
- Small businesses saw a 424% increase in cyberattacks overall last year in 2020
- One-third of small businesses report using free, consumer-grade cybersecurity
- 60% of small businesses think they’re unlikely to be attacked
- The average cost of insider-related cyber incidents was $7.68 million
- Ransomware is the most common threat to small businesses
- 60% of companies go out of business six months after a security breach
- Phishing is the top threat action for 30% of organizations
It’s one thing to acknowledge that cybersecurity is important to your business. It’s another to do everything in your power to protect it. After all, this isn’t just about preventing data breaches – it’s also about staying competitive and keeping your customers happy. Treat cybersecurity as a priority in your business and put some real effort into securing it.
Small business owners, may feel that they simply don’t have the time or resources to focus on cybersecurity. It’s easy to fall into the trap of thinking it won’t happen to me, but the truth is that it can-and does-happen to everyone.
The more data a business collects and stores, the greater the potential for a breach, and there is no way to predict when one will occur. This applies to individuals as well.
First and foremost, every decision-maker in your company should be familiar with basic security protocols (long password requirements, two-factor authentication) and have an understanding of what constitutes good cyber hygiene (keeping track of all devices connected to your network, conducting regular vulnerability tests, etc).
This training doesn’t need to be technical or complicated; it just needs to be ongoing so that everyone understands the importance of security.
More specifically, if you want your employees to understand how serious cyberattacks can be, they should undergo training that puts things in terms they can easily understand. For example, instead of merely telling them “don’t click on links from unknown sources,” tell them about the WannaCry attack . Explain the crippling effect this ransomware had on hospitals around the world.
Make it real for them by explaining how.
Simply put, cybersecurity is an important issue for businesses large and small, and should always be taken seriously. As small businesses are more likely to be attacked due to their lower profile, it’s important that they implement solid defenses as quickly as possible. And for those of us with experience in the field, we need to spread awareness among business owners-the security technology community has a key role to play in this regard.
No comments! Be the first commenter?